Headline
CVE-2021-38868: IBM Engineering Requirements Quality Assistant On-Premises cross-site request forgery CVE-2021-38868 Vulnerability Report
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force Id: 208310.
{{’LEARN_MORE_LABEL’ | translate}}
{{’LABEL_REQUEST_ACCESS’ | translate}} {{’LEARN_MORE_LABEL’ | translate}}
Related news
CVE-2021-29790: Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises (CVE-2022-0778, CVE-2021-38868, CVE-2021-29799, CVE-2021-29790, CVE-2021-297
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203440.