Vulnerabilities > IBM > I > 7.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-30 | CVE-2021-38876 | Cross-site Scripting vulnerability in IBM I 7.2/7.3/7.4 IBM i 7.2, 7.3, and 7.4 is vulnerable to cross-site scripting. | 6.1 |
| 2021-04-21 | CVE-2021-20501 | Unspecified vulnerability in IBM I IBM i 7.1, 7.2, 7.3, and 7.4 SMTP allows a network attacker to send emails to non-existent local-domain recipients to the SMTP server, caused by using a non-default configuration. | 8.2 |
| 2020-05-17 | CVE-2020-4345 | SQL Injection vulnerability in IBM I 7.2/7.3/7.4 IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. | 3.3 |
| 2019-11-09 | CVE-2019-4450 | Cross-site Scripting vulnerability in IBM I 7.2/7.3/7.4 IBM i 7.2, 7.3, and 7.4 for i is vulnerable to cross-site scripting. | 6.1 |
| 2019-06-14 | CVE-2019-4381 | Credentials Management vulnerability in IBM I 7.2/7.3 IBM i 7.27.3 Clustering could allow a local attacker to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. | 5.5 |
| 2019-01-31 | CVE-2019-4040 | Cross-site Scripting vulnerability in IBM I 7.2/7.3 IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. | 6.1 |
| 2017-07-31 | CVE-2017-1460 | Improper Input Validation vulnerability in IBM I IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. | 7.5 |