Vulnerabilities > IBM > Financial Transaction Manager FOR Multiplatform > 3.0.0.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-20	CVE-2019-4744	Cross-site Scripting vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	6.1
2019-12-20	CVE-2019-4743	Cleartext Transmission of Sensitive Information vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. network low complexity ibm CWE-319	4.3
2019-12-20	CVE-2019-4742	Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. network low complexity ibm CWE-1021	6.1
2019-12-20	CVE-2019-4736	Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. network low complexity ibm CWE-352	4.3
2019-09-18	CVE-2018-1847	Path Traversal vulnerability in IBM Financial Transaction Manager for Multiplatform IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 through 2.0.0.5, v2.1.0.0 through 2.1.0.4, v2.1.1.0 through 2.1.1.4, and v3.0.0.0 through 3.0.0.8 could allow a remote attacker to traverse directories on the system. network low complexity ibm CWE-22	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.