Ibm Engineering_workflow_management

48 CVEs affecting Ibm Engineering_workflow_management. Latest disclosed: 2026-06-22. Critical: 0, High: 4.

Top CVEs affecting Ibm Engineering_workflow_management
CVESeverityScorePublishedSummary
CVE-2021-29844High8.82021-10-27IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from…
CVE-2021-29774High7.52021-10-27IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025.
CVE-2020-4965High7.52021-04-12IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-For…
CVE-2021-20502High7.12021-03-30IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vul…
CVE-2024-51454Medium6.52026-06-22IBM Engineering Workflow Management 7.0.2 through 7.0.2 Interim Fix 035, 7.0.3 through 7.0.3 Interim Fix 017, and 7.1 through 7.1 Interim Fix 004 is vulnerable…
CVE-2021-29786Medium6.52021-10-27IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172.
CVE-2020-4974Medium6.32021-07-28IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from…
CVE-2025-33128Medium5.42026-06-22IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulner…
CVE-2021-29673Medium5.42021-10-27IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt…
CVE-2020-5004Medium5.42021-07-28IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20507Medium5.42021-07-19IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2020-5031Medium5.42021-07-19IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2021-20519Medium5.42021-04-12IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt…
CVE-2020-4920Medium5.42021-04-12IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI t…
CVE-2021-20520Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20518Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20506Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20504Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20503Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…
CVE-2021-20447Medium5.42021-03-30IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte…