Vulnerabilities > IBM > Emptoris Services Procurement
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-30 | CVE-2017-1443 | Cross-site Scripting vulnerability in IBM Emptoris Services Procurement IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site scripting. | 6.1 |
| 2017-08-30 | CVE-2017-1442 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Emptoris Services Procurement IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-08-30 | CVE-2017-1441 | Unspecified vulnerability in IBM Emptoris Services Procurement IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. | 5.5 |
| 2017-08-30 | CVE-2017-1440 | Code Injection vulnerability in IBM Emptoris Services Procurement IBM Emptoris Services Procurement 10.0.0.5 could allow a remote attacker to include arbitrary files. | 8.8 |