Vulnerabilities > IBM > Content Navigator > 2.0.2

DATE CVE VULNERABILITY TITLE RISK
2015-10-03 CVE-2015-1888 Cross-site Scripting vulnerability in IBM Content Navigator 2.0.2/2.0.3
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.2 before 2.0.2-ICN-FP007 and 2.0.3 before 2.0.3-ICN-FP003, as used in Content Manager, FileNet Content Manager, Content Foundation, Content Manager OnDemand, and other products, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
network
ibm CWE-79
3.5
3.5
2014-02-28 CVE-2014-0874 Cross-Site Scripting vulnerability in IBM Content Navigator 2.0.0/2.0.1/2.0.2
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter.
network
ibm CWE-79
3.5
3.5
2014-02-27 CVE-2014-0858 Permissions, Privileges, and Access Controls vulnerability in IBM Content Navigator 2.0.0/2.0.1/2.0.2
IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL.
network
ibm CWE-264
3.5
3.5
2013-12-19 CVE-2013-5462 Improper Input Validation vulnerability in IBM Content Navigator 2.0.0/2.0.1/2.0.2
IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct clickjacking attacks via vectors involving FRAME elements.
network
ibm CWE-20
4.3
4.3