Vulnerabilities > IBM > Engineering Lifecycle Optimization Publishing > 6.0.6.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-14 | CVE-2021-39015 | Cross-site Scripting vulnerability in IBM Engineering Lifecycle Optimization Publishing IBM Engineering Lifecycle Optimization - Publishing 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2022-07-14 | CVE-2021-39016 | Unspecified vulnerability in IBM Engineering Lifecycle Optimization Publishing IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. | 4.3 |
| 2022-07-14 | CVE-2021-39017 | Unspecified vulnerability in IBM Engineering Lifecycle Optimization Publishing IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. | 6.5 |
| 2022-07-14 | CVE-2021-39018 | Information Exposure Through an Error Message vulnerability in IBM Engineering Lifecycle Optimization Publishing IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. | 4.3 |
| 2022-07-14 | CVE-2021-39019 | Information Exposure vulnerability in IBM Engineering Lifecycle Optimization Publishing IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. | 6.5 |
| 2022-07-14 | CVE-2021-39028 | Injection vulnerability in IBM Engineering Lifecycle Optimization Publishing IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |