Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-27 | CVE-2021-29713 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server products are vulnerable to cross-site scripting. | 5.4 |
| 2021-10-27 | CVE-2021-29786 | Cleartext Storage of Sensitive Information vulnerability in IBM products IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. | 6.5 |
| 2021-10-27 | CVE-2021-29868 | Insufficient Session Expiration vulnerability in IBM I2 Ibase 8.9.13/9.0.0 IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. | 5.5 |
| 2021-10-22 | CVE-2021-29835 | Cross-site Scripting vulnerability in IBM Business Automation Workflow IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. | 6.1 |
| 2021-10-21 | CVE-2021-29883 | Missing Encryption of Sensitive Data vulnerability in IBM Transformation Extender Advanced IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2021-10-20 | CVE-2021-38896 | Cross-site Scripting vulnerability in IBM Qradar Advisor 2.5.0/2.5.1/2.6.1 IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site scripting. | 6.1 |
| 2021-10-19 | CVE-2021-29912 | Cross-site Scripting vulnerability in IBM Security Risk Manager on Cp4S 1.7.0.0 IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. | 5.4 |
| 2021-10-19 | CVE-2021-38911 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Risk Manager on Cp4S 1.7.2.0 IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user. | 4.9 |
| 2021-10-18 | CVE-2021-29878 | Cross-site Scripting vulnerability in IBM Business Automation Workflow IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. | 5.4 |
| 2021-10-12 | CVE-2021-38915 | Cleartext Storage of Sensitive Information vulnerability in IBM Data Risk Manager 2.0.6 IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an authenticated user. | 6.5 |