Vulnerabilities > IBM > Curam Social Program Management > 6.0.4.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-1195 | Open Redirect vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
| 2017-08-29 | CVE-2017-1110 | Information Exposure vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user. | 4.0 |
| 2017-08-29 | CVE-2016-9732 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-08-02 | CVE-2014-8903 | Command Injection vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors. | 6.5 |
| 2017-06-28 | CVE-2017-1106 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-04-20 | CVE-2016-9980 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-04-20 | CVE-2016-9979 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-04-20 | CVE-2016-9978 | Information Exposure vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an authenticated attacker to disclose sensitive information. | 4.0 |
| 2017-04-20 | CVE-2016-8923 | Information Exposure vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 5.2, 6.0, and 7.0 contains a vulnerability that would allow an authorized user to obtain sensitive information from the profile of a higher privileged user that they should not have access to. | 4.0 |
| 2017-03-31 | CVE-2016-6111 | XXE vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 8.5 |