Engineering Test Management Security Vulnerabilities and Issues — Engineering Test Management CVE List

Lucene search

IbmEngineering Test Management

31 matches found

CVE•added 2021/01/08 9:15 p.m.•72 views

CVE-2020-4697

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186790.

5.4CVSS5.1AI score0.00236EPSS

CVE•added 2021/01/08 9:15 p.m.•66 views

CVE-2020-4733

5.4CVSS5.1AI score0.00179EPSS

CVE•added 2021/06/02 9:15 p.m.•63 views

CVE-2021-20346

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 194595.

5.5CVSS6AI score0.00148EPSS

CVE•added 2021/01/08 9:15 p.m.•61 views

CVE-2020-4691

IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186698.

5.4CVSS5.1AI score0.00236EPSS

CVE•added 2021/06/02 9:15 p.m.•60 views

CVE-2021-20338

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS5.5AI score0.00187EPSS

CVE•added 2021/06/02 9:15 p.m.•60 views

CVE-2021-20343

5.5CVSS6AI score0.0009EPSS

CVE•added 2021/06/02 9:15 p.m.•58 views

CVE-2021-20345

5.5CVSS6AI score0.00099EPSS

CVE•added 2021/06/02 9:15 p.m.•57 views

CVE-2021-20347

5.5CVSS6AI score0.00099EPSS

CVE•added 2021/06/02 9:15 p.m.•56 views

CVE-2021-29670

5.4CVSS5.5AI score0.00208EPSS

CVE•added 2021/06/02 9:15 p.m.•55 views

CVE-2021-29668

5.4CVSS5.5AI score0.00208EPSS

CVE•added 2021/06/02 9:15 p.m.•54 views

CVE-2021-20348

5.5CVSS6.1AI score0.0009EPSS

CVE•added 2021/06/02 9:15 p.m.•53 views

CVE-2020-4977

IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-F...

5.4CVSS5.4AI score0.00187EPSS

CVE•added 2021/06/02 9:15 p.m.•52 views

CVE-2020-5030

5.4CVSS5.5AI score0.00208EPSS

CVE•added 2022/08/29 9:15 p.m.•51 views

CVE-2021-38934

IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ...

5.4CVSS5.2AI score0.00171EPSS

CVE•added 2020/09/02 7:15 p.m.•48 views

CVE-2020-4522

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397.

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2021/03/04 7:15 p.m.•46 views

CVE-2021-20351

IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194708.

5.4CVSS5.3AI score0.00208EPSS

CVE•added 2021/01/27 5:15 p.m.•45 views

CVE-2021-20357

IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2020/09/02 7:15 p.m.•44 views

CVE-2020-4445

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2021/03/04 7:15 p.m.•41 views

CVE-2020-4866

5.4CVSS5.5AI score0.00208EPSS

CVE•added 2021/03/04 7:15 p.m.•41 views

CVE-2021-20340

5.4CVSS5.5AI score0.00208EPSS

CVE•added 2021/04/12 6:15 p.m.•41 views

CVE-2021-20519

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198441.

5.4CVSS5.6AI score0.00157EPSS

CVE•added 2021/03/04 7:15 p.m.•40 views

CVE-2021-20350

5.4CVSS5.5AI score0.00208EPSS

CVE•added 2020/07/16 3:15 p.m.•38 views

CVE-2019-4748

5.4CVSS5.2AI score0.00179EPSS

CVE•added 2021/01/27 5:15 p.m.•38 views

CVE-2020-4865

5.4CVSS5.2AI score0.00208EPSS

CVE•added 2021/01/27 5:15 p.m.•37 views

CVE-2020-4855

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2021/07/28 1:15 p.m.•37 views

CVE-2020-5004

5.4CVSS5.3AI score0.00346EPSS

CVE•added 2020/08/04 4:15 p.m.•35 views

CVE-2020-4396

5.4CVSS5.6AI score0.00179EPSS

CVE•added 2020/09/02 7:15 p.m.•35 views

CVE-2020-4546

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2021/01/27 5:15 p.m.•35 views

CVE-2020-4547

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victi...

5.4CVSS5.3AI score0.00089EPSS

CVE•added 2021/03/04 7:15 p.m.•35 views

CVE-2020-4975

5.4CVSS5.5AI score0.0025EPSS

CVE•added 2021/01/27 5:15 p.m.•33 views

CVE-2020-4524

5.4CVSS5.2AI score0.00158EPSS