cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-29799,https://securityvulnerability.io/vulnerability/CVE-2021-29799,Sensitive Information Exposure in IBM Engineering Requirements Quality Assistant,"The IBM Engineering Requirements Quality Assistant On-Premises is susceptible to a vulnerability that allows an authenticated user to acquire sensitive information due to improper validation on the client side. This flaw may lead to unauthorized access to confidential data, which could compromise the integrity and confidentiality of the application's information management.",IBM,Engineering Requirements Quality Assistant On-premises,6.5,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2022-07-18T18:15:00.000Z,0
CVE-2021-38868,https://securityvulnerability.io/vulnerability/CVE-2021-38868,Cross-Site Request Forgery Vulnerability in IBM Engineering Requirements Quality Assistant,"IBM Engineering Requirements Quality Assistant On-Premises is susceptible to cross-site request forgery, a vulnerability that could allow attackers to perform unauthorized actions by exploiting the trust a website places in authenticated users. This could lead to significant security risks, as malicious operations may be executed without the knowledge of users engaged with the platform. It is crucial for organizations using this software to review their configurations and apply recommended security patches to mitigate this risk.",IBM,Engineering Requirements Quality Assistant On-premises,6.5,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2022-07-18T18:15:00.000Z,0
CVE-2021-29790,https://securityvulnerability.io/vulnerability/CVE-2021-29790,Cross-Site Scripting Vulnerability in IBM Engineering Requirements Quality Assistant,IBM Engineering Requirements Quality Assistant On-Premises is affected by a cross-site scripting vulnerability that allows attackers to inject arbitrary JavaScript code via the Web UI. This could significantly alter the application's intended functionality and may lead to the disclosure of user credentials during a trusted session. Users of affected versions should implement security measures to prevent exploitation.,IBM,Engineering Requirements Quality Assistant On-premises,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-07-18T18:15:00.000Z,0
CVE-2021-29788,https://securityvulnerability.io/vulnerability/CVE-2021-29788,Cross-Site Scripting Vulnerability in IBM Engineering Requirements Quality Assistant,"IBM Engineering Requirements Quality Assistant On-Premises is susceptible to cross-site scripting (XSS), enabling potential attackers to inject arbitrary JavaScript code into the web interface. This manipulation can lead to the alteration of expected functionality, which may facilitate the disclosure of sensitive information like user credentials during trusted sessions. To safeguard against this vulnerability, users should apply patches and adhere to best security practices.",IBM,Engineering Requirements Quality Assistant On-premises,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-07-18T18:15:00.000Z,0