Vulnerabilities > IBM > Emptoris Strategic Supply Management > 10.1.0.11

DATE CVE VULNERABILITY TITLE RISK
2021-01-07 CVE-2020-4895 Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management
IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-01-07 CVE-2020-4893 Cleartext Transmission of Sensitive Information vulnerability in IBM Emptoris Strategic Supply Management
IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 transmits sensitive information in HTTP GET request parameters.
network
ibm CWE-319
4.3
4.3
2017-09-05 CVE-2017-1097 Cross-Site Request Forgery (CSRF) vulnerability in IBM Emptoris Strategic Supply Management
IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
6.8
6.8
2017-08-09 CVE-2017-1448 Open Redirect vulnerability in IBM products
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
ibm CWE-601
4.9
4.9
2017-08-09 CVE-2016-8949 Open Redirect vulnerability in IBM products
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
ibm CWE-601
4.9
4.9
2017-08-09 CVE-2016-6121 Cross-site Scripting vulnerability in IBM products
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-07-13 CVE-2016-8952 Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management
IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-07-13 CVE-2016-8951 Improper Authentication vulnerability in IBM Emptoris Strategic Supply Management
IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to a denial of service attack.
network
low complexity
ibm CWE-287
5.0
5.0
2017-07-13 CVE-2016-6019 Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management
IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5