Vulnerabilities > IBM > Engineering Test Management > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-02 CVE-2021-20347 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20348 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20371 Information Exposure Through an Error Message vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser.
network
low complexity
ibm CWE-209
6.5
2021-06-02 CVE-2021-29668 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2021-29670 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-04-12 CVE-2021-20519 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-04-12 CVE-2020-4964 Unspecified vulnerability in IBM products
IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users.
network
low complexity
ibm
4.3
2021-04-12 CVE-2020-4920 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-03-04 CVE-2021-20351 Cross-site Scripting vulnerability in IBM products
IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-03-04 CVE-2021-20350 Cross-site Scripting vulnerability in IBM products
IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4