CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-4989
https://notcve.org/view.php?id=CVE-2020-4989
15 Mar 2022 — IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707. IBM Engineering Workflow Management versiones 7.0, 7.0.1 y 7.0.2 e IBM Rational Team Concert 6.0.6 y 6.0.0.1 podrían permitir a un usuario autenticado obtener información confidencial sobre las definiciones de construcción. IBM X-Force ID: 192707 • https://exchange.xforce.ibmcloud.com/vulnerabilities/192707 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2021-29774
https://notcve.org/view.php?id=CVE-2021-29774
27 Oct 2021 — IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025. Los productos IBM Jazz Team Server podrían permitir a un usuario autenticado alcanzar privilegios elevados bajo determinadas configuraciones. IBM X-Force ID: 203025 • https://exchange.xforce.ibmcloud.com/vulnerabilities/203025 •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2021-29673
https://notcve.org/view.php?id=CVE-2021-29673
27 Oct 2021 — IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199482. Los productos IBM Jazz Team Server son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la funcio... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199482 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20520
https://notcve.org/view.php?id=CVE-2021-20520
30 Mar 2021 — IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198572. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así... • https://exchange.xforce.ibmcloud.com/vulnerabilities/198572 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20518
https://notcve.org/view.php?id=CVE-2021-20518
30 Mar 2021 — IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198437. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así... • https://exchange.xforce.ibmcloud.com/vulnerabilities/198437 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20506
https://notcve.org/view.php?id=CVE-2021-20506
30 Mar 2021 — IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198231. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así... • https://exchange.xforce.ibmcloud.com/vulnerabilities/198233 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20504
https://notcve.org/view.php?id=CVE-2021-20504
30 Mar 2021 — IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198231. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así... • https://exchange.xforce.ibmcloud.com/vulnerabilities/198231 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20503
https://notcve.org/view.php?id=CVE-2021-20503
30 Mar 2021 — IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198182. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así... • https://exchange.xforce.ibmcloud.com/vulnerabilities/198182 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20502
https://notcve.org/view.php?id=CVE-2021-20502
30 Mar 2021 — IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 198059. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo XML External Entity Injection (XXE) al procesar datos XML. Un atacante remoto podría aprovechar esta vulnerabilidad para exponer información confidencial o consumir recursos de la... • https://exchange.xforce.ibmcloud.com/vulnerabilities/198059 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20447
https://notcve.org/view.php?id=CVE-2021-20447
30 Mar 2021 — IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196623. Los Productos de IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así... • https://exchange.xforce.ibmcloud.com/vulnerabilities/196623 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •