Description

IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434.

Remediation

References

CVE-2020-4974

Related Vulnerabilities

WebLogic Improper Access Control Vulnerability (CVE-2019-2729)

Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3)

WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.7)

e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3444)

WordPress Plugin WP Statistics Cross-Site Scripting (12.6.3)

Severity

Medium

Classification

CVE-2020-4974 CWE-918 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities