Vulnerabilities > IBM > Engineering Lifecycle Management > 7.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-02	CVE-2021-20348	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.5
2021-06-02	CVE-2021-20371	Information Exposure Through an Error Message vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser. network low complexity ibm CWE-209	4.0
2021-06-02	CVE-2021-29668	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-06-02	CVE-2021-29670	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-03-30	CVE-2021-20520	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-03-30	CVE-2021-20518	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-03-30	CVE-2021-20506	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-03-30	CVE-2021-20504	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-03-30	CVE-2021-20503	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-03-30	CVE-2021-20502	XXE vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. network low complexity ibm CWE-611	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.