Vulnerabilities > IBM > Emptoris Supplier Lifecycle Management > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-09-07 CVE-2017-1098 Cross-site Scripting vulnerability in IBM Emptoris Supplier Lifecycle Management
IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-08-09 CVE-2017-1448 Open Redirect vulnerability in IBM products
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
5.4
5.4
2017-08-09 CVE-2016-8949 Open Redirect vulnerability in IBM products
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
5.4
5.4
2017-08-09 CVE-2016-6121 Cross-site Scripting vulnerability in IBM products
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4