Vulnerabilities > IBM > Connections > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-07 | CVE-2018-1896 | Injection vulnerability in IBM Connections 5.0/5.5/6.0 IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. | 3.5 |
2018-03-20 | CVE-2015-7458 | Cross-site Scripting vulnerability in IBM Connections Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2018-03-20 | CVE-2015-7459 | Cross-site Scripting vulnerability in IBM Connections Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2018-03-20 | CVE-2015-7460 | Cross-site Scripting vulnerability in IBM Connections Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2018-02-14 | CVE-2017-1682 | Cross-site Scripting vulnerability in IBM Connections IBM Connections 4.0, 4.5, 5.0, 5.5, and 6.0 is vulnerable to cross-site scripting. | 3.5 |
2017-12-07 | CVE-2017-1498 | Cross-site Scripting vulnerability in IBM Connections 5.5.0.0 IBM Connections 5.5 is vulnerable to cross-site scripting. | 3.5 |
2017-03-01 | CVE-2016-5932 | Cross-site Scripting vulnerability in IBM Connections IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. | 3.5 |
2017-02-08 | CVE-2016-0305 | Cross-site Scripting vulnerability in IBM Connections IBM Connections is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. | 3.5 |
2017-02-08 | CVE-2016-0310 | Cross-site Scripting vulnerability in IBM Connections IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. | 3.5 |
2016-12-01 | CVE-2016-2955 | Cross-site Scripting vulnerability in IBM Connections 5.0.0.0/5.5.0.0 Cross-site scripting (XSS) vulnerability in IBM Connections 5.0 before CR4 and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |