Headline
CVE-2021-29799: IBM Engineering Requirements Quality Assistant On-Premises information disclosure CVE-2021-29799 Vulnerability Report
IBM Engineering Requirements Quality Assistant On-Premises (All versions) could allow an authenticated user to obtain sensitive information due to improper client side validation. IBM X-Force ID: 203738.
{{’LEARN_MORE_LABEL’ | translate}}
{{’LABEL_REQUEST_ACCESS’ | translate}} {{’LEARN_MORE_LABEL’ | translate}}
Related news
CVE-2021-29790: Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises (CVE-2022-0778, CVE-2021-38868, CVE-2021-29799, CVE-2021-29790, CVE-2021-297
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203440.