Vulnerabilities > IBM > Engineering Lifecycle Optimization Publishing > 7.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-02	CVE-2021-20338	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2021-06-02	CVE-2021-20343	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.4
2021-06-02	CVE-2021-20345	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.4
2021-06-02	CVE-2021-20346	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.4
2021-06-02	CVE-2021-20347	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.4
2021-06-02	CVE-2021-20348	Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). network low complexity ibm CWE-918	5.4
2021-06-02	CVE-2021-20371	Information Exposure Through an Error Message vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser. network low complexity ibm CWE-209	6.5
2021-06-02	CVE-2021-29668	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2021-06-02	CVE-2021-29670	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2020-07-16	CVE-2020-4316	Unspecified vulnerability in IBM Engineering Lifecycle Optimization - Publishing 6.0.6/6.0.6.1/7.0 IBM Publishing Engine 6.0.6, 6.0.6.1, and 7.0 does not set the secure attribute on authorization tokens or session cookies. network low complexity ibm	4.7

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.