Vulnerabilities > IBM > Content Navigator > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-07 | CVE-2022-43581 | Missing Authorization vulnerability in IBM Content Navigator IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. | 8.8 |
| 2020-03-24 | CVE-2020-4253 | Insufficient Session Expiration vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 8.8 |
| 2019-03-14 | CVE-2019-4034 | Unspecified vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is could allow an attacker to execute arbitrary code on a user's workstation. | 8.8 |
| 2018-02-07 | CVE-2018-1366 | Unspecified vulnerability in IBM Content Navigator IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection. | 7.8 |
| 2018-01-29 | CVE-2018-1364 | XXE vulnerability in IBM Content Navigator 2.0.3/3.0.2/3.0.3 IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |