Ibm

Engineering Test Management

45 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-43054

  • EPSS 0.15%
  • Veröffentlicht 03.03.2024 13:15:06
  • Zuletzt bearbeitet 23.12.2024 17:29:02

IBM Engineering Test Management 7.0.2 and 7.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

5.4

CVE-2021-38934

  • EPSS 0.38%
  • Veröffentlicht 29.08.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:14

IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials ...

5.4

CVE-2020-5004

  • EPSS 0.21%
  • Veröffentlicht 28.07.2021 13:15:08
  • Zuletzt bearbeitet 21.11.2024 05:33:32

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...

6.5

CVE-2020-4974

  • EPSS 0.17%
  • Veröffentlicht 28.07.2021 13:15:08
  • Zuletzt bearbeitet 21.11.2024 05:33:29

IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X...

5.5

CVE-2021-20345

  • EPSS 0.1%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:26

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating ...

9

CVE-2020-4495

  • EPSS 1.51%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:32:48

IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access control. By sending a specially-crafted request to the REST API, an attacker could exploit this vulnerability to...

6.5

CVE-2020-4732

  • EPSS 0.21%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:11

IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions. IBM X-Force ID: 188126.

5.4

CVE-2020-4977

  • EPSS 0.19%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:30

IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credent...

5.4

CVE-2020-5030

  • EPSS 0.21%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:34

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...

5.4

CVE-2021-20338

  • EPSS 0.19%
  • Veröffentlicht 02.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:25

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...