Check CVE Id
Check CWE Id
Cross-site scripting (XSS) vulnerability in IBM AppScan Enterprise Edition 9.0.x before 9.0.2 iFix 001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 103416.
(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
CVSS Base Score
IBM Security Identity Governance and Intelligence 184.108.40.206 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. IBM X-Force ID: 148601.
IBM Security Identity Governance and Intelligence 220.127.116.11 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-For...
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. IBM X-Force ID: 143024.
IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 121...
IBM UrbanCode Deploy 6.0 through 18.104.22.168 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser. IBM X-Force ID: 110303.
A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 22.214.171.124, 2.4, and 126.96.36.199 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394.
Back to Top