Vulnerabilities > IBM > Curam Social Program Management > 6.2.0.5

DATE CVE VULNERABILITY TITLE RISK
2019-05-07 CVE-2018-2001 Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management
IBM Cram Social Program Management 6.1.1, 6.2.0, 7.0.4, and 7.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8
2018-12-11 CVE-2018-1900 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-12-11 CVE-2018-1654 Open Redirect vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
6.1
2018-01-11 CVE-2017-1740 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-01-11 CVE-2017-1739 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4