Vulnerabilities > IBM > Aspera Shares > 1.9.15
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-03-07 | CVE-2025-0162 | XXE vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15 IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. | 7.1 |
2025-02-05 | CVE-2024-38316 | Unspecified vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service. | 6.5 |
2025-02-05 | CVE-2024-38318 | Cross-site Scripting vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. | 6.1 |
2025-02-05 | CVE-2024-56472 | Unspecified vulnerability in IBM Aspera Shares 1.10.0/1.9.14/1.9.15 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. | 5.4 |