CVE-2020-5031

🗓️ 19 Jul 2021 16:00:23Reported by ibmType

IBM Jazz Foundation and Engineering products vulnerable to cross-site scripting allowing arbitrary JavaScript code injection in Web UI potentially leading to credentials disclosur

Reporter	Title	Published	Views	Family All 7
ATTACKERKB	CVE-2020-5031	16 Jul 202100:00	–	attackerkb
CNNVD	IBM Jazz Foundation 跨站脚本漏洞	19 Jul 202100:00	–	cnnvd
CNVD	IBM Jazz Foundation Cross-Site Scripting Vulnerability (CNVD-2021-88199)	6 Aug 202100:00	–	cnvd
CVE	CVE-2020-5031	19 Jul 202116:00	–	cve
EUVD	EUVD-2020-26278	7 Oct 202500:30	–	euvd
NVD	CVE-2020-5031	19 Jul 202116:15	–	nvd
Prion	Cross site scripting	19 Jul 202116:15	–	prion

[
  {
    "product": "Engineering Workflow Management",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Rational Team Concert",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      }
    ]
  },
  {
    "product": "Rational Engineering Lifecycle Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Rational DOORS Next Generation",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Engineering Lifecycle Optimization",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      }
    ]
  },
  {
    "product": "Rational Collaborative Lifecycle Management",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "6.0.6.1"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6473141
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/193738

19 Jul 2021 16:00Current

5.2Medium risk

Vulners AI Score5.2

CVSS 35.4

EPSS0.00495