Vulnerabilities > IBM > Engineering Insights

DATE CVE VULNERABILITY TITLE RISK
2021-04-12 CVE-2021-20519 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-04-12 CVE-2020-4965 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-04-12 CVE-2020-4964 Unspecified vulnerability in IBM products
IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users.
network
low complexity
ibm
4.3
2021-04-12 CVE-2020-4920 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-03-30 CVE-2021-20520 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation Products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-03-30 CVE-2021-20518 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation Products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-03-30 CVE-2021-20506 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation Products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-03-30 CVE-2021-20504 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation Products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-03-30 CVE-2021-20503 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation Products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-03-30 CVE-2021-20502 XXE vulnerability in IBM products
IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1