Vulnerabilities > IBM > Emptoris Contract Management > 10.1.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-07 | CVE-2020-4897 | Information Exposure Through an Error Message vulnerability in IBM products IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2021-01-07 | CVE-2020-4892 | Cross-site Scripting vulnerability in IBM Emptoris Contract Management 10.1.3.0 IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. | 5.4 |
| 2019-04-29 | CVE-2018-1961 | Information Exposure vulnerability in IBM Emptoris Contract Management IBM Emptoris Contract Management 10.0.0 and 10.1.3.0 could disclose sensitive information from detailed information from error messages. | 5.3 |