CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-4989
https://notcve.org/view.php?id=CVE-2020-4989
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707. IBM Engineering Workflow Management versiones 7.0, 7.0.1 y 7.0.2 e IBM Rational Team Concert 6.0.6 y 6.0.0.1 podrían permitir a un usuario autenticado obtener información confidencial sobre las definiciones de construcción. IBM X-Force ID: 192707 • https://exchange.xforce.ibmcloud.com/vulnerabilities/192707 https://www.ibm.com/support/pages/node/6563261 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2021-29774
https://notcve.org/view.php?id=CVE-2021-29774
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025. Los productos IBM Jazz Team Server podrían permitir a un usuario autenticado alcanzar privilegios elevados bajo determinadas configuraciones. IBM X-Force ID: 203025 • https://exchange.xforce.ibmcloud.com/vulnerabilities/203025 https://www.ibm.com/support/pages/node/6508583 •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2021-29673
https://notcve.org/view.php?id=CVE-2021-29673
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199482. Los productos IBM Jazz Team Server son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la funcionalidad prevista y conllevando potencialmente a una divulgación de credenciales en una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/199482 https://www.ibm.com/support/pages/node/6508583 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20520
https://notcve.org/view.php?id=CVE-2021-20520
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198572. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista conllevando a una divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/198572 https://www.ibm.com/support/pages/node/6437579 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20518
https://notcve.org/view.php?id=CVE-2021-20518
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198437. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista conllevando a una divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/198437 https://www.ibm.com/support/pages/node/6437579 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •