Vulnerabilities > IBM > Curam Social Program Management > 6.1

DATE	CVE	VULNERABILITY TITLE	RISK
2016-01-03	CVE-2015-5023	SQL Injection vulnerability in IBM Curam Social Program Management SQL injection vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. network low complexity ibm CWE-89	5.4
2016-01-02	CVE-2015-7402	Cross-site Scripting vulnerability in IBM Curam Social Program Management 6.1 Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. network low complexity ibm CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.