CVE-2021-20429
CVE-2021-20429 affects IBM QRadar User Behavior Analytics add-on for QRadar SIEM (versions 1.0.0–4.1.0). The root cause is an overly permissive cross-domain policy (CORS) that can disclose sensitive information. IBM’s bulletin cites CVSSv3.0 base score 3.7 and recommends upgrading to version 4.1....