Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-04 | CVE-2020-4825 | Cross-site Scripting vulnerability in IBM API Connect IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site scripting. | 5.4 |
| 2021-02-04 | CVE-2020-4640 | Information Exposure vulnerability in IBM API Connect Certain IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 configurations can result in sensitive information in the URL fragment identifiers. | 4.1 |
| 2021-02-02 | CVE-2020-4934 | Path Traversal vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0.CD could allow a remote attacker to traverse directories on the system. | 4.3 |
| 2021-01-27 | CVE-2021-20357 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 5.4 |
| 2021-01-27 | CVE-2020-4865 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 5.4 |
| 2021-01-27 | CVE-2020-4855 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 5.4 |
| 2021-01-27 | CVE-2020-4789 | Path Traversal vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2021-01-27 | CVE-2020-4786 | Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). | 4.3 |
| 2021-01-27 | CVE-2020-4547 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2021-01-27 | CVE-2020-4524 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation products is vulnerable to cross-site scripting. | 5.4 |