本ページは ibm engineering_insights に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2021-20519 | IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198441. | [email protected] | 5.4 | 0.62% | 2021-04-12 | 2026-06-16 |
| CVE-2020-4965 | IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422. | [email protected] | 7.5 | 0.72% | 2021-04-12 | 2026-06-16 |
| CVE-2020-4964 | IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419. | [email protected] | 4.3 | 0.64% | 2021-04-12 | 2026-06-16 |
| CVE-2020-4920 | IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191396. | [email protected] | 5.4 | 0.62% | 2021-04-12 | 2026-06-16 |
| CVE-2021-20520 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198572. | [email protected] | 5.4 | 0.50% | 2021-03-30 | 2026-06-16 |
| CVE-2021-20518 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198437. | [email protected] | 5.4 | 0.50% | 2021-03-30 | 2026-06-16 |
| CVE-2021-20506 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198231. | [email protected] | 5.4 | 0.50% | 2021-03-30 | 2026-06-16 |
| CVE-2021-20504 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198231. | [email protected] | 5.4 | 0.50% | 2021-03-30 | 2026-06-16 |
| CVE-2021-20503 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198182. | [email protected] | 5.4 | 0.50% | 2021-03-30 | 2026-06-16 |
| CVE-2021-20502 | IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 198059. | [email protected] | 7.1 | 1.40% | 2021-03-30 | 2026-06-16 |
| CVE-2021-20447 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196623. | [email protected] | 5.4 | 0.50% | 2021-03-30 | 2026-06-16 |
| CVE-2021-20352 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194710. | [email protected] | 5.4 | 0.50% | 2021-03-30 | 2026-06-16 |
| CVE-2021-20357 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963. | [email protected] | 5.4 | 0.66% | 2021-01-27 | 2026-06-16 |
| CVE-2020-4865 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741. | [email protected] | 5.4 | 0.66% | 2021-01-27 | 2026-06-16 |
| CVE-2020-4855 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190457. | [email protected] | 5.4 | 0.66% | 2021-01-27 | 2026-06-16 |
| CVE-2020-4547 | IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 183315. | [email protected] | 5.4 | 0.82% | 2021-01-27 | 2026-06-16 |
| CVE-2020-4524 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434. | [email protected] | 5.4 | 0.66% | 2021-01-27 | 2026-06-16 |
| CVE-2020-4733 | IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127. | [email protected] | 5.4 | 0.55% | 2021-01-08 | 2026-06-16 |
| CVE-2020-4697 | IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186790. | [email protected] | 5.4 | 0.55% | 2021-01-08 | 2026-06-16 |
| CVE-2020-4691 | IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186698. | [email protected] | 5.4 | 0.55% | 2021-01-08 | 2026-06-16 |