Vulnerabilities > IBM > Enovia Smarteam > 5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-10 | CVE-2010-0959 | Cross-Site Scripting vulnerability in IBM Enovia Smarteam 5 Cross-site scripting (XSS) vulnerability in WebEditor/Authentication/LoginPage.aspx in IBM ENOVIA SmarTeam 5 allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter. | 4.3 |
2008-10-15 | CVE-2008-4581 | Permissions, Privileges, and Access Controls vulnerability in IBM Enovia Smarteam 5 The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process (aka Flow Process) view. | 4.0 |