Vulnerabilities > IBI

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-22	CVE-2020-14204	XXE vulnerability in IBI Webfocus Business Intelligence 8.0 In WebFOCUS Business Intelligence 8.0 (SP6), the administration portal allows remote attackers to read arbitrary local files or forge server-side HTTP requests via a crafted HTTP request to /ibi_apps/WFServlet.cfg because XML external entity injection is possible. network ibi CWE-611	5.8
2020-06-22	CVE-2020-14203	Cross-Site Request Forgery (CSRF) vulnerability in IBI Webfocus Business Intelligence 8.0 WebFOCUS Business Intelligence 8.0 (SP6) allows a Cross-Site Request Forgery (CSRF) attack against administrative users within the /ibi_apps/WFServlet(.ibfs) endpoint. network ibi CWE-352	6.8
2020-06-22	CVE-2020-14202	Cross-site Scripting vulnerability in IBI Webfocus Business Intelligence 8.0 WebFOCUS Business Intelligence 8.0 (SP6) was prone to XSS via arbitrary URL parameters. network ibi CWE-79	4.3

Vulnerabilities > IBI {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"IBI"}]}