Vulnerabilities > IBM > Financial Transaction Manager FOR Multiplatform > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-29 CVE-2022-43871 Unspecified vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4
IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2020-12-16 CVE-2020-4908 Information Exposure vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 returns the product version and release information on the login dialog.
network
low complexity
ibm CWE-200
5.3
2020-12-16 CVE-2020-4907 Information Exposure Through an Error Message vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
5.3
2020-12-16 CVE-2020-4905 Unspecified vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an remote attacker to obtain sensitive information, caused by a man in the middle attack.
network
high complexity
ibm
5.9
2020-12-16 CVE-2020-4904 Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
6.5
2020-08-03 CVE-2020-4328 SQL Injection vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4
IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
6.3
2019-12-20 CVE-2019-4744 Cross-site Scripting vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0
IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2019-12-20 CVE-2019-4743 Cleartext Transmission of Sensitive Information vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0
IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm CWE-319
4.3
2019-12-20 CVE-2019-4742 Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0
IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-1021
6.1
2019-12-20 CVE-2019-4736 Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0
IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
4.3