Ibm

Jazz Team Server

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2021-20543

  • EPSS 0.09%
  • Published 24.06.2022 17:15:08
  • Last modified 21.11.2024 05:46:45

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hostin...

4.3

CVE-2021-20544

  • EPSS 0.1%
  • Published 24.06.2022 17:15:08
  • Last modified 21.11.2024 05:46:45

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or faci...

3.3

CVE-2021-20551

  • EPSS 0.04%
  • Published 24.06.2022 17:15:08
  • Last modified 21.11.2024 05:46:45

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 199149.

5.4

CVE-2021-29865

  • EPSS 0.08%
  • Published 24.06.2022 17:15:08
  • Last modified 21.11.2024 06:01:56

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack t...

5.4

CVE-2021-38871

  • EPSS 0.22%
  • Published 24.06.2022 17:15:08
  • Last modified 21.11.2024 06:18:07

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credent...

5.3

CVE-2021-38879

  • EPSS 0.19%
  • Published 24.06.2022 17:15:08
  • Last modified 21.11.2024 06:18:08

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive informati...

5.3

CVE-2021-20355

  • EPSS 0.19%
  • Published 24.06.2022 17:15:07
  • Last modified 21.11.2024 05:46:27

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive informati...

4.3

CVE-2021-20421

  • EPSS 0.09%
  • Published 24.06.2022 17:15:07
  • Last modified 21.11.2024 05:46:34

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or faci...

5.4

CVE-2021-39043

  • EPSS 0.27%
  • Published 20.05.2022 17:15:07
  • Last modified 21.11.2024 06:18:28

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to ...