Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-08 | CVE-2020-4691 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation Products are vulnerable to cross-site scripting. | 3.5 |
| 2021-01-08 | CVE-2020-4697 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products are vulnerable to cross-site scripting. | 3.5 |
| 2021-01-08 | CVE-2020-4733 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products are vulnerable to cross-site scripting. | 3.5 |
| 2021-01-08 | CVE-2020-5017 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Spectrum Protect 10.1.0/10.1.5/10.1.6 IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. | 2.1 |
| 2021-01-08 | CVE-2020-5021 | Session Fixation vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. | 3.6 |
| 2021-01-08 | CVE-2020-4606 | XXE vulnerability in IBM Security Verify Privilege Manager IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 3.6 |
| 2021-01-08 | CVE-2020-4663 | Cross-site Scripting vulnerability in IBM Engineering Requirements Quality Assistant On-Premises IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. | 3.5 |
| 2021-01-08 | CVE-2020-4664 | Cross-site Scripting vulnerability in IBM Engineering Requirements Quality Assistant On-Premises IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. | 3.5 |
| 2021-01-08 | CVE-2020-4666 | Cross-site Scripting vulnerability in IBM Engineering Requirements Quality Assistant On-Premises IBM Engineering Requirements Quality Assistant On-Premises is vulnerable to cross-site scripting. | 3.5 |
| 2021-01-07 | CVE-2020-4892 | Cross-site Scripting vulnerability in IBM Emptoris Contract Management 10.1.3.0 IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. | 3.5 |