Vulnerabilities > IBM > Infosphere Information Server ON Cloud > 11.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-05 | CVE-2018-1899 | Unspecified vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. low complexity ibm | 3.3 |
| 2019-03-05 | CVE-2018-1875 | Open Redirect vulnerability in IBM products IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
| 2019-02-15 | CVE-2018-1895 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. | 3.5 |
| 2017-07-12 | CVE-2017-1321 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. | 4.3 |
| 2017-02-01 | CVE-2016-9000 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. | 4.3 |
| 2017-02-01 | CVE-2016-8999 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks mode thereby facilitating an attacker to inject malicious CSS. | 3.5 |
| 2017-02-01 | CVE-2016-6059 | XXE vulnerability in IBM products IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 7.5 |
| 2017-02-01 | CVE-2016-5984 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. | 4.3 |