Vulnerabilities > IBM > Engineering Requirements Management Doors WEB Access > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-03-01 CVE-2023-28525 Unspecified vulnerability in IBM products
IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
4.8
2024-03-01 CVE-2023-28949 Unspecified vulnerability in IBM products
IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm
6.5
2024-03-01 CVE-2023-50305 Unspecified vulnerability in IBM products
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
local
high complexity
ibm
5.1