Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-19	CVE-2021-29912	Cross-site Scripting vulnerability in IBM Security Risk Manager on Cp4S 1.7.0.0 IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4
2021-10-19	CVE-2021-38911	Cleartext Storage of Sensitive Information vulnerability in IBM Security Risk Manager on Cp4S 1.7.2.0 IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user. network low complexity ibm CWE-312	4.9