Vulnerabilities > IBM > Cloud PAK FOR Applications > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-07-13 CVE-2021-20361 Cross-site Scripting vulnerability in IBM Cloud PAK for Applications 4.3
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-13 CVE-2021-20362 Cross-site Scripting vulnerability in IBM Cloud PAK for Applications 4.3
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-13 CVE-2021-20363 Cross-site Scripting vulnerability in IBM Cloud PAK for Applications 4.3
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-13 CVE-2021-20364 Cross-site Scripting vulnerability in IBM Cloud PAK for Applications 4.3
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-13 CVE-2021-20365 Cross-site Scripting vulnerability in IBM Cloud PAK for Applications 4.3
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-13 CVE-2021-20366 Cross-site Scripting vulnerability in IBM Cloud PAK for Applications
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-13 CVE-2021-20368 Cross-site Scripting vulnerability in IBM Cloud PAK for Applications
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-13 CVE-2021-20369 Inadequate Encryption Strength vulnerability in IBM Cloud PAK for Applications
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
ibm CWE-326
5.9
2021-07-13 CVE-2021-20424 Information Exposure Through an Error Message vulnerability in IBM Cloud PAK for Applications
IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.3