Vulnerabilities > IBM > Curam Social Program Management > 6.0.4.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-1195 | Open Redirect vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
| 2017-08-29 | CVE-2017-1110 | Information Exposure vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user. | 4.0 |
| 2017-08-29 | CVE-2016-9732 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-08-02 | CVE-2014-8903 | Command Injection vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors. | 6.5 |
| 2017-06-28 | CVE-2017-1106 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. | 3.5 |
| 2015-01-10 | CVE-2014-3096 | Cross-site Scripting vulnerability in IBM Curam Social Program Management Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management before 6.0.5.5a allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |