Vulnerabilities > IBM > Content Navigator > 3.0.1

DATE CVE VULNERABILITY TITLE RISK
2022-12-07 CVE-2022-43581 Missing Authorization vulnerability in IBM Content Navigator
IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code.
network
low complexity
ibm CWE-862
8.8
8.8
2018-05-31 CVE-2018-1496 Cross-site Scripting vulnerability in IBM Content Navigator
IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-02-07 CVE-2018-1366 Unspecified vulnerability in IBM Content Navigator
IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection.
local
low complexity
ibm
7.8
7.8
2017-10-05 CVE-2017-1522 Cross-site Scripting vulnerability in IBM Content Navigator 2.0.3.8/3.0.0/3.0.1
IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-09-07 CVE-2017-1502 Cross-site Scripting vulnerability in IBM Content Navigator 2.0.3/3.0.0/3.0.1
IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4