CVE-2021-20504: IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus…

medium5.4CVSS 3.1

AVNACLPRLUIRSCCLILAN

IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198231.

Affected

18 ranges

Vendor	Product	Version range	Fixed in
ibm	engineering_insights	—	—
ibm	engineering_insights	—	—
ibm	engineering_insights	—	—
ibm	engineering_lifecycle_management	—	—
ibm	engineering_lifecycle_optimization	—	—
ibm	engineering_lifecycle_optimization	—	—
ibm	engineering_lifecycle_optimization	—	—
ibm	engineering_workflow_management	—	—
ibm	engineering_workflow_management	—	—
ibm	engineering_workflow_management	—	—
ibm	engineering_workflow_management	—	—
ibm	rational_engineering_lifecycle_manager	—	—
ibm	rational_engineering_lifecycle_manager	—	—
ibm	rational_engineering_lifecycle_manager	—	—
ibm	rational_team_concert	—	—
ibm	rational_team_concert	—	—
ibm	rational_team_concert	—	—
ibm	rational_team_concert	—	—