Vulnerabilities > IBM > Rational Engineering Lifecycle Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-10-27 CVE-2021-29673 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-10-27 CVE-2021-29713 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-10-27 CVE-2021-29786 Cleartext Storage of Sensitive Information vulnerability in IBM products
IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
6.5
2021-07-28 CVE-2020-4974 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF).
network
low complexity
ibm CWE-918
6.3
2021-07-28 CVE-2020-5004 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-19 CVE-2020-5031 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-19 CVE-2021-20507 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2020-4732 Unspecified vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions.
network
low complexity
ibm
6.5
2021-06-02 CVE-2020-4977 Cross-site Scripting vulnerability in IBM products
IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2020-5030 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4