Vulnerabilities > IBM > Flashsystem 900 Firmware > 1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-04 | CVE-2020-4987 | Cross-site Scripting vulnerability in IBM Flashsystem 900 Firmware 1.4 The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. | 3.5 |
| 2018-10-18 | CVE-2018-1822 | Improper Authentication vulnerability in IBM Flashsystem 840 Firmware and Flashsystem 900 Firmware IBM FlashSystem 900 product GUI allows a specially crafted attack to bypass the authentication requirements of the system, resulting in the ability to remotely change the superuser password. | 10.0 |