Vulnerabilities > IBM > Curam Social Program Management > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-20 CVE-2016-9980 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-04-20 CVE-2016-9979 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-04-20 CVE-2016-9978 Information Exposure vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an authenticated attacker to disclose sensitive information.
network
low complexity
ibm CWE-200
4.3
4.3
2017-04-20 CVE-2016-8923 Information Exposure vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 contains a vulnerability that would allow an authorized user to obtain sensitive information from the profile of a higher privileged user that they should not have access to.
network
low complexity
ibm CWE-200
4.3
4.3
2016-01-03 CVE-2015-5023 SQL Injection vulnerability in IBM Curam Social Program Management
SQL injection vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
ibm CWE-89
5.4
5.4
2016-01-02 CVE-2015-7402 Cross-site Scripting vulnerability in IBM Curam Social Program Management 6.1
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
network
low complexity
ibm CWE-79
5.4
5.4