Vulnerabilities > IBM > Infosphere Information Governance Catalog > 11.7

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-01	CVE-2019-4237	Cross-site Scripting vulnerability in IBM products A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. network low complexity ibm CWE-79	5.4
2019-06-06	CVE-2019-4257	Information Exposure Through an Error Message vulnerability in IBM products IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. network low complexity ibm CWE-209	4.3
2019-03-05	CVE-2018-1899	Unspecified vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. low complexity ibm	4.3
2019-03-05	CVE-2018-1875	Open Redirect vulnerability in IBM products IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. network low complexity ibm CWE-601	6.1
2019-02-15	CVE-2018-1895	Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. network low complexity ibm CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.