Vulnerabilities > IBM > Curam Social Program Management > 6.0.5

DATE CVE VULNERABILITY TITLE RISK
2018-01-19 CVE-2018-1362 Unspecified vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 within Citizen Portal could allow an authenticated user to withdraw other user's submitted applications from the system and possibly obtain privileges.
network
high complexity
ibm
5.0
5.0
2018-01-11 CVE-2017-1740 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-08-29 CVE-2017-1195 Open Redirect vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
6.1
2017-08-29 CVE-2017-1110 Information Exposure vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user.
network
low complexity
ibm CWE-200
6.5
6.5
2017-08-29 CVE-2016-9732 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-08-02 CVE-2014-8903 Command Injection vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors.
network
low complexity
ibm CWE-77
8.8
8.8
2017-06-28 CVE-2017-1106 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-04-20 CVE-2016-9980 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-04-20 CVE-2016-9979 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-04-20 CVE-2016-9978 Information Exposure vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an authenticated attacker to disclose sensitive information.
network
low complexity
ibm CWE-200
4.3
4.3