Vulnerabilities > IBM > Engineering Workflow Management > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-11 | CVE-2021-29701 | Unspecified vulnerability in IBM products IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authneticated attacker to obtain sensitive information from build definitions that could aid in further attacks against the system. | 4.3 |
| 2021-10-27 | CVE-2021-29673 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server products are vulnerable to cross-site scripting. | 5.4 |
| 2021-10-27 | CVE-2021-29786 | Cleartext Storage of Sensitive Information vulnerability in IBM products IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. | 6.5 |
| 2021-07-28 | CVE-2020-4974 | Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). | 6.3 |
| 2021-07-28 | CVE-2020-5004 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products are vulnerable to cross-site scripting. | 5.4 |
| 2021-07-19 | CVE-2020-5031 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. | 5.4 |
| 2021-07-19 | CVE-2021-20507 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. | 5.4 |
| 2021-04-12 | CVE-2021-20519 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server products are vulnerable to cross-site scripting. | 5.4 |
| 2021-04-12 | CVE-2020-4964 | Unspecified vulnerability in IBM products IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. | 4.3 |
| 2021-04-12 | CVE-2020-4920 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server products are vulnerable to stored cross-site scripting. | 5.4 |