Vulnerabilities > IBM > Engineering Lifecycle Optimization Publishing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-14 | CVE-2021-39019 | Information Exposure vulnerability in IBM products IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. | 6.5 |
| 2022-07-14 | CVE-2021-39028 | Injection vulnerability in IBM products IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 5.4 |
| 2021-06-02 | CVE-2020-4495 | Unspecified vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access control. | 8.8 |
| 2021-06-02 | CVE-2020-4732 | Unspecified vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions. | 6.5 |
| 2021-06-02 | CVE-2020-4977 | Cross-site Scripting vulnerability in IBM products IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. | 5.4 |
| 2021-06-02 | CVE-2020-5030 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. | 5.4 |
| 2021-06-02 | CVE-2021-20338 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. | 5.4 |
| 2021-06-02 | CVE-2021-20343 | Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2021-06-02 | CVE-2021-20345 | Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2021-06-02 | CVE-2021-20346 | Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). | 5.4 |