Vulnerabilities > IBM > Rational Engineering Lifecycle Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-02 CVE-2021-20338 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2021-20343 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20345 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20346 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20347 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20348 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-06-02 CVE-2021-20371 Information Exposure Through an Error Message vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error message is returned in the browser.
network
low complexity
ibm CWE-209
6.5
2021-06-02 CVE-2021-29668 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-06-02 CVE-2021-29670 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-04-12 CVE-2021-20519 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4