Vulnerabilities > IBM > Engineering Requirements Quality Assistant ON Premises > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2021-29788 | Cross-site Scripting vulnerability in IBM Engineering Requirements Quality Assistant On-Premises IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. | 5.4 |
| 2022-07-18 | CVE-2021-29790 | Cross-site Scripting vulnerability in IBM Engineering Requirements Quality Assistant On-Premises IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. | 5.4 |
| 2022-07-18 | CVE-2021-29799 | Unspecified vulnerability in IBM Engineering Requirements Quality Assistant On-Premises IBM Engineering Requirements Quality Assistant On-Premises (All versions) could allow an authenticated user to obtain sensitive information due to improper client side validation. | 6.5 |
| 2022-07-18 | CVE-2021-38868 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Engineering Requirements Quality Assistant On-Premises IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2022-03-18 | CVE-2021-29899 | Unspecified vulnerability in IBM Engineering Requirements Quality Assistant On-Premises 3.0 IBM Engineering Requirements Quality Assistant prior to 3.1.3 could allow an authenticated user to cause a denial of service. | 6.5 |
| 2021-07-28 | CVE-2020-4974 | Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). | 6.3 |
| 2021-07-28 | CVE-2020-5004 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products are vulnerable to cross-site scripting. | 5.4 |
| 2021-07-19 | CVE-2021-20507 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. | 5.4 |
| 2021-03-30 | CVE-2021-20520 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. | 5.4 |
| 2021-03-30 | CVE-2021-20518 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. | 5.4 |