Vulnerabilities > IBM > Curam Social Program Management > 6.1.1.1

DATE CVE VULNERABILITY TITLE RISK
2019-05-07 CVE-2018-2001 Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management
IBM Cram Social Program Management 6.1.1, 6.2.0, 7.0.4, and 7.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
6.8
6.8
2018-12-11 CVE-2018-1900 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-12-11 CVE-2018-1654 Open Redirect vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
ibm CWE-601
5.8
5.8
2018-03-12 CVE-2016-0261 Cross-site Scripting vulnerability in IBM Care Management and Curam Social Program Management
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5
2018-01-11 CVE-2017-1740 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-01-11 CVE-2017-1739 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-08-29 CVE-2017-1195 Open Redirect vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
ibm CWE-601
5.8
5.8
2017-08-29 CVE-2017-1110 Information Exposure vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user.
network
low complexity
ibm CWE-200
4.0
4.0
2017-08-29 CVE-2016-9732 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-06-28 CVE-2017-1106 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5