Vulnerabilities > IBM > Filenet Content Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-04 | CVE-2023-35905 | Cross-site Scripting vulnerability in IBM Filenet Content Manager 5.5.10/5.5.11/5.5.8 IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. | 5.4 |
| 2022-01-17 | CVE-2021-38965 | OS Command Injection vulnerability in IBM Filenet Content Manager 5.5.4/5.5.6/5.5.7 IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 9.0 |
| 2020-11-09 | CVE-2020-4759 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Filenet Content Manager 5.5.4/5.5.5 IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. | 9.3 |
| 2020-07-23 | CVE-2020-4447 | Cross-site Scripting vulnerability in IBM Filenet Content Manager 5.5.3/5.5.4 IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-site scripting. | 3.5 |
| 2019-10-14 | CVE-2019-4572 | Information Exposure Through Log Files vulnerability in IBM Filenet Content Manager 5.5.2/5.5.3 IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific configurations, could log the web service user credentials into a log file that could be accessed by an administrator on the local machine. | 2.1 |
| 2018-10-12 | CVE-2018-1844 | XXE vulnerability in IBM Filenet Content Manager 5.2.1/5.5.0 IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
| 2018-07-06 | CVE-2018-1556 | Cross-site Scripting vulnerability in IBM Content Foundation and Filenet Content Manager IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. | 3.5 |
| 2018-07-06 | CVE-2018-1555 | Cross-site Scripting vulnerability in IBM Content Foundation and Filenet Content Manager IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. | 3.5 |
| 2018-07-06 | CVE-2018-1542 | XXE vulnerability in IBM Content Foundation and Filenet Content Manager IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
| 2014-09-15 | CVE-2014-4763 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in Content Navigator in Content Engine in IBM FileNet Content Manager 5.2.x before 5.2.0.3-P8CPE-IF003 and Content Foundation 5.2.x before 5.2.0.3-P8CPE-IF003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |