Vulnerabilities > IBM > Content Navigator > 3.0.3

DATE CVE VULNERABILITY TITLE RISK
2022-12-07 CVE-2022-43581 Missing Authorization vulnerability in IBM Content Navigator
IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code.
network
low complexity
ibm CWE-862
8.8
8.8
2018-05-31 CVE-2018-1496 Cross-site Scripting vulnerability in IBM Content Navigator
IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-02-07 CVE-2018-1366 Unspecified vulnerability in IBM Content Navigator
IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection.
network
ibm
6.8
6.8
2018-01-29 CVE-2018-1364 XXE vulnerability in IBM Content Navigator 2.0.3/3.0.2/3.0.3
IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
6.4
6.4