Vulnerabilities > IBM > Engineering Lifecycle Optimization Engineering Insights > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-02 CVE-2021-20348 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20371 Information Exposure Through an Error Message vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser.
network
low complexity
ibm CWE-209
6.5
2021-06-02 CVE-2021-29668 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2021-29670 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4