Ibm Engineering_requirements_quality_assistant_on-premises

29 CVEs affecting Ibm Engineering_requirements_quality_assistant_on-premises. Latest disclosed: 2022-07-18. Critical: 0, High: 2.

Top CVEs affecting Ibm Engineering_requirements_quality_assistant_on-premises
CVESeverityScorePublishedSummary
CVE-2021-29844High8.82021-10-27IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from…
CVE-2021-20502High7.12021-03-30IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vul…
CVE-2021-38868Medium6.52022-07-18IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute…
CVE-2021-29799Medium6.52022-07-18IBM Engineering Requirements Quality Assistant On-Premises (All versions) could allow an authenticated user to obtain sensitive information due to improper cli…
CVE-2021-29899Medium6.52022-03-18IBM Engineering Requirements Quality Assistant prior to 3.1.3 could allow an authenticated user to cause a denial of service. IBM X-Force ID: 207413.
CVE-2020-4974Medium6.32021-07-28IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from…
CVE-2021-29790Medium5.42022-07-18IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbit…
CVE-2021-29788Medium5.42022-07-18IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbit…
CVE-2020-5004Medium5.42021-07-28IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20507Medium5.42021-07-19IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20520Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20518Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20506Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20504Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20503Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20447Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20352Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20351Medium5.42021-03-04IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering…
CVE-2021-20350Medium5.42021-03-04IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering…
CVE-2021-20340Medium5.42021-03-04IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering…