Vulnerabilities > IBM > Content Navigator > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-20 | CVE-2020-4687 | Unspecified vulnerability in IBM Content Navigator 3.0.0/3.0.7/3.0.8 IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated user to view cached content of another user that they should not have access to. | 4.3 |
| 2020-03-24 | CVE-2020-4309 | Information Exposure vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD could disclose sensitive information to an unauthenticated user which could be used to aid in further attacks against the system. | 5.3 |
| 2020-02-12 | CVE-2019-4741 | Server-Side Request Forgery (SSRF) vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). | 5.3 |
| 2020-01-28 | CVE-2019-4679 | Unspecified vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD could allow an authenticated user to gain information about the hosting operating system and version that could be used in further attacks against the system. | 4.3 |
| 2019-09-25 | CVE-2019-4571 | Cross-site Scripting vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. | 5.4 |
| 2019-07-11 | CVE-2019-4263 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. | 4.3 |
| 2019-04-25 | CVE-2019-4092 | Open Redirect vulnerability in IBM Content Navigator 2.0.0/3.0.0 IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2019-04-25 | CVE-2019-4033 | Cross-site Scripting vulnerability in IBM Content Navigator 2.0.3/3.0.0 IBM Content Navigator 2.0.3 and 3.0CD is vulnerable to cross-site scripting. | 5.4 |
| 2019-03-22 | CVE-2019-4035 | Open Redirect vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. | 5.4 |
| 2018-05-31 | CVE-2018-1496 | Cross-site Scripting vulnerability in IBM Content Navigator IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting. | 5.4 |