Vulnerabilities > IBM > Engineering Lifecycle Optimization Engineering Insights > 7.0.1

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-28	CVE-2020-4974	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). network low complexity ibm CWE-918	6.5
2021-07-28	CVE-2020-5004	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-06-02	CVE-2020-4495	Unspecified vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access control. network low complexity ibm critical	9.0
2021-06-02	CVE-2020-4732	Information Exposure vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions. network low complexity ibm CWE-200	4.0
2021-06-02	CVE-2020-4977	Cross-site Scripting vulnerability in IBM products IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. network ibm CWE-79	3.5
2021-06-02	CVE-2020-5030	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-06-02	CVE-2021-20338	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2021-06-02	CVE-2021-20343	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.5
2021-06-02	CVE-2021-20345	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.5
2021-06-02	CVE-2021-20346	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.