Vulnerabilities > IBM > Financial Transaction Manager > 3.0.0.0

DATE CVE VULNERABILITY TITLE RISK
2016-10-29 CVE-2016-5920 Cross-site Scripting vulnerability in IBM Financial Transaction Manager
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
ibm CWE-79
5.4
5.4
2016-10-29 CVE-2016-3060 Improper Access Control vulnerability in IBM Financial Transaction Manager
Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
network
low complexity
ibm CWE-284
5.7
5.7
2016-02-15 CVE-2016-0232 Information Exposure vulnerability in IBM Financial Transaction Manager
IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading README files.
network
low complexity
ibm CWE-200
4.3
4.3
2016-02-15 CVE-2016-0231 Information Exposure vulnerability in IBM Financial Transaction Manager 3.0.0.0
IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs.
network
low complexity
ibm CWE-200
4.3
4.3