Ibm Engineering_workflow_management
48 CVEs affecting Ibm Engineering_workflow_management. Latest disclosed: 2026-06-22. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-29844 | High | 8.8 | 2021-10-27 | IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from… |
CVE-2021-29774 | High | 7.5 | 2021-10-27 | IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025. |
CVE-2020-4965 | High | 7.5 | 2021-04-12 | IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-For… |
CVE-2021-20502 | High | 7.1 | 2021-03-30 | IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vul… |
CVE-2024-51454 | Medium | 6.5 | 2026-06-22 | IBM Engineering Workflow Management 7.0.2 through 7.0.2 Interim Fix 035, 7.0.3 through 7.0.3 Interim Fix 017, and 7.1 through 7.1 Interim Fix 004 is vulnerable… |
CVE-2021-29786 | Medium | 6.5 | 2021-10-27 | IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 203172. |
CVE-2020-4974 | Medium | 6.3 | 2021-07-28 | IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from… |
CVE-2025-33128 | Medium | 5.4 | 2026-06-22 | IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulner… |
CVE-2021-29673 | Medium | 5.4 | 2021-10-27 | IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt… |
CVE-2020-5004 | Medium | 5.4 | 2021-07-28 | IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2021-20507 | Medium | 5.4 | 2021-07-19 | IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in… |
CVE-2020-5031 | Medium | 5.4 | 2021-07-19 | IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in… |
CVE-2021-20519 | Medium | 5.4 | 2021-04-12 | IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt… |
CVE-2020-4920 | Medium | 5.4 | 2021-04-12 | IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI t… |
CVE-2021-20520 | Medium | 5.4 | 2021-03-30 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2021-20518 | Medium | 5.4 | 2021-03-30 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2021-20506 | Medium | 5.4 | 2021-03-30 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2021-20504 | Medium | 5.4 | 2021-03-30 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2021-20503 | Medium | 5.4 | 2021-03-30 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2021-20447 | Medium | 5.4 | 2021-03-30 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |