Ibm Engineering Lifecycle Management vulnerabilities

46 known vulnerabilities affecting ibm/engineering_lifecycle_management.

Total CVEs
46
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM42

Vulnerabilities

Page 3 of 3
CVE-2020-4855MEDIUMCVSS 5.4v7.02021-01-27
CVE-2020-4855 [MEDIUM] CWE-79 CVE-2020-4855: IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190457.
nvd
CVE-2020-4733MEDIUMCVSS 5.4v7.0v7.0.12021-01-08
CVE-2020-4733 [MEDIUM] CWE-79 CVE-2020-4733: IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127.
nvd
CVE-2020-4487MEDIUMCVSS 4.3v7.0v7.0.12021-01-08
CVE-2020-4487 [MEDIUM] CWE-209 CVE-2020-4487: IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a de IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181862.
nvd
CVE-2020-4697MEDIUMCVSS 5.4v7.0v7.0.12021-01-08
CVE-2020-4697 [MEDIUM] CWE-79 CVE-2020-4697: IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186790.
nvd
CVE-2020-4544MEDIUMCVSS 4.3v7.0v7.0.12021-01-08
CVE-2020-4544 [MEDIUM] CWE-209 CVE-2020-4544: IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a de IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 183189.
nvd
CVE-2020-4691MEDIUMCVSS 5.4v7.0v7.0.12021-01-08
CVE-2020-4691 [MEDIUM] CWE-79 CVE-2020-4691: IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186698.
nvd
← Previous3 / 3