Vulnerabilities > IBM > Curam Social Program Management > 4.5

DATE	CVE	VULNERABILITY TITLE	RISK
2015-01-10	CVE-2014-3096	Cross-site Scripting vulnerability in IBM Curam Social Program Management Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management before 6.0.5.5a allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. network ibm CWE-79	3.5
2014-06-18	CVE-2014-3013	Cross-Site Scripting vulnerability in IBM Curam Social Program Management Multiple cross-site scripting (XSS) vulnerabilities in IBM Curam Social Program Management 4.5 SP10 through 6.0.5.4 allow remote authenticated users to inject arbitrary web script or HTML via crafted input to a (1) custom JSP or (2) custom renderer. network ibm CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.