|
202361
|
5.4 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4741
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202362
|
5.2 |
MEDIUM
Adjacent
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser w…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4740
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202363
|
6.8 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-4689
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202364
|
5.4 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4681
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202365
|
5.4 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4680
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202366
|
4.8 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4679
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202367
|
4.9 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 could allow an attacker with admin access to obtain and read files that they normally would not have access to. IBM X-Force ID: 186423.
|
NVD-CWE-noinfo
|
CVE-2020-4678
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202368
|
6.5 |
MEDIUM
Network
|
ibm
|
curam_social_program_management
|
An improper input validation before calling java readLine() method may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could result in a denial of service. IBM X-Force ID: 189159.
|
CWE-20
Improper Input Validation
|
CVE-2020-4781
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202369
|
5.3 |
MEDIUM
Network
|
ibm
|
curam_social_program_management
|
OOTB build scripts does not set the secure attribute on session cookie which may impact IBM Curam Social Program Management 7.0.9 and 7.0,10. The purpose of the 'secure' attribute is to prevent cooki…
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-4780
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202370
|
8.1 |
HIGH
Network
|
ibm
|
curam_social_program_management
|
A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass sec…
|
CWE-287
Improper Authentication
|
CVE-2020-4779
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
