cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-38879,https://securityvulnerability.io/vulnerability/CVE-2021-38879,Remote Information Disclosure in IBM Jazz Team Server,"A vulnerability in IBM Jazz Team Server could allow a remote attacker to access sensitive information due to the absence of the HTTPOnly flag on cookies. This oversight may expose critical data, enabling exploitation by adversaries. Affected versions include 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2. Users are advised to investigate the implementation of cookie security measures to mitigate potential risks.",IBM,Jazz Team Server,3.7,LOW,0.0010000000474974513,false,,false,false,false,,,false,false,,2022-06-24T17:15:00.000Z,0
CVE-2021-20421,https://securityvulnerability.io/vulnerability/CVE-2021-20421,Server-Side Request Forgery Vulnerability in IBM Jazz Team Server,"IBM Jazz Team Server versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 are susceptible to a server-side request forgery (SSRF) vulnerability. An authenticated attacker may exploit this weakness to send unauthorized requests from the server, potentially leading to network enumeration or enabling additional malicious activities. It's critical for users of affected versions to implement necessary patches and adopt best practices to secure their environments.",IBM,Jazz Team Server,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-06-24T17:15:00.000Z,0
CVE-2021-20543,https://securityvulnerability.io/vulnerability/CVE-2021-20543,HTML Injection Vulnerability in IBM Jazz Team Server,"IBM Jazz Team Server versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 contain an HTML injection vulnerability that allows remote attackers to inject harmful HTML code. This injected code can execute in the web browser of a user accessing the compromised server, leading to potential exploitation within the security constraints of the hosting site. Organizations should ensure they have the latest security updates to mitigate this risk.",IBM,Jazz Team Server,5.4,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-06-24T17:15:00.000Z,0
CVE-2021-20544,https://securityvulnerability.io/vulnerability/CVE-2021-20544,Server-Side Request Forgery Vulnerability in IBM Jazz Team Server,"IBM Jazz Team Server versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 are susceptible to a server-side request forgery vulnerability. This issue allows authenticated attackers to send unauthorized requests from the server, which may lead to unauthorized network enumeration and pave the way for further exploitation. It is crucial for users to apply the necessary patches to mitigate this security risk.",IBM,Jazz Team Server,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-06-24T17:15:00.000Z,0
CVE-2021-20551,https://securityvulnerability.io/vulnerability/CVE-2021-20551,Local File Exposure in IBM Jazz Team Server,"IBM Jazz Team Server versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 have a vulnerability that permits web pages to be stored locally on the server. This flaw can lead to unauthorized users on the same system being able to access these local pages, presenting a risk of sensitive information exposure and potential exploitation. Users are encouraged to review the security documentation provided by IBM for mitigation strategies.",IBM,Jazz Team Server,4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-06-24T17:15:00.000Z,0
CVE-2021-29865,https://securityvulnerability.io/vulnerability/CVE-2021-29865,Clickjacking Vulnerability in IBM Jazz Team Server,"IBM Jazz Team Server versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 are susceptible to a clickjacking vulnerability, which allows remote attackers to manipulate web page elements to deceive users into unknowingly performing actions. By directing victims to a malicious website, attackers can exploit this vulnerability to hijack user click actions, potentially facilitating further attacks on the victim's system.",IBM,Jazz Team Server,5.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-24T17:15:00.000Z,0
CVE-2021-38871,https://securityvulnerability.io/vulnerability/CVE-2021-38871,Cross-Site Scripting Vulnerability in IBM Jazz Team Server,"IBM Jazz Team Server is susceptible to a cross-site scripting flaw that enables attackers to insert arbitrary JavaScript code into the web interface. This vulnerability potentially compromises the security of user sessions, allowing malicious scripts to be executed in the context of legitimate users. The exploit could lead to unauthorized access to sensitive information, including user credentials, during active sessions. It is crucial for users to apply recommended security patches and maintain awareness of their web application security.",IBM,Jazz Team Server,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-06-24T17:15:00.000Z,0
CVE-2021-20355,https://securityvulnerability.io/vulnerability/CVE-2021-20355,Sensitive Information Exposure in IBM Jazz Team Server,"IBM Jazz Team Server versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 contain a vulnerability that may allow a remote attacker to access sensitive information. This issue arises due to the absence of the HTTPOnly flag on cookies, which can be exploited to retrieve confidential data. Exploitation of this vulnerability highlights the importance of proper cookie management and security configurations in web applications.",IBM,Jazz Team Server,3.7,LOW,0.0010000000474974513,false,,false,false,false,,,false,false,,2022-06-24T17:15:00.000Z,0
CVE-2021-39043,https://securityvulnerability.io/vulnerability/CVE-2021-39043,Stored Cross-Site Scripting Vulnerability in IBM Jazz Team Server,"IBM Jazz Team Server versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 are susceptible to a stored cross-site scripting vulnerability. This issue enables users to inject and execute arbitrary JavaScript code within the Web UI, thereby compromising user sessions and potentially exposing sensitive user credentials. It is critical for users to ensure their systems are updated to mitigate this security risk.",IBM,Jazz Team Server,6.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-05-20T17:15:00.000Z,0
CVE-2021-39059,https://securityvulnerability.io/vulnerability/CVE-2021-39059,Cross-Site Scripting Vulnerability in IBM Jazz Team Server,"IBM Jazz Team Server versions 6.0.6 through 7.0.2 are susceptible to a cross-site scripting vulnerability. This weakness enables attackers to inject arbitrary JavaScript code into the web interface. Such an exploit can modify the intended functionality of the application, potentially leading to unauthorized exposure of user credentials within a trusted session. For additional information, see the references provided by IBM.",IBM,Jazz Team Server,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-05-11T16:15:00.000Z,0