Vulnerabilities > IBM > Curam Social Program Management > 7.0.0.1

DATE CVE VULNERABILITY TITLE RISK
2019-05-07 CVE-2018-2001 Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management
IBM Cram Social Program Management 6.1.1, 6.2.0, 7.0.4, and 7.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8
2018-12-11 CVE-2018-1900 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-12-11 CVE-2018-1654 Open Redirect vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
6.1
2018-01-11 CVE-2017-1740 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-01-11 CVE-2017-1739 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-08-29 CVE-2017-1195 Open Redirect vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
6.1
2017-08-29 CVE-2017-1110 Information Exposure vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user.
network
low complexity
ibm CWE-200
6.5
6.5
2017-08-29 CVE-2016-9732 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-06-28 CVE-2017-1106 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4