Vulnerabilities > IBM > Cics TX > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-14 | CVE-2022-34315 | Cross-site Scripting vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2022-11-14 | CVE-2022-34316 | Improper Encoding or Escaping of Output vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. | 5.3 |
| 2022-11-14 | CVE-2022-34329 | Unspecified vulnerability in IBM Cics TX 11.7 IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. | 5.3 |
| 2022-11-14 | CVE-2022-38705 | Unspecified vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. | 6.1 |
| 2022-10-07 | CVE-2022-34308 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. | 5.5 |
| 2022-08-01 | CVE-2022-33955 | OS Command Injection vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code due using a back and refresh attack. | 6.8 |
| 2022-08-01 | CVE-2022-34162 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2022-08-01 | CVE-2022-34163 | Cross-site Scripting vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |
| 2022-08-01 | CVE-2022-34164 | Improper Input Validation vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation. | 5.5 |
| 2022-08-01 | CVE-2022-34307 | Missing Encryption of Sensitive Data vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |