Vulnerabilities > IBM > Infosphere Information Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-11-02 CVE-2021-29738 Server-Side Request Forgery (SSRF) vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7 ) is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2021-11-02 CVE-2021-29771 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-07-09 CVE-2021-29712 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2021-05-21 CVE-2021-29681 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information by injecting parameters into an HTML query.
network
low complexity
ibm
5.3
2021-04-05 CVE-2020-4997 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2020-10-12 CVE-2020-4741 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.5/11.7
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2020-10-12 CVE-2020-4740 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.5/11.7
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection.
low complexity
ibm CWE-79
5.2
2020-09-25 CVE-2020-4727 Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-1021
6.1
2020-09-04 CVE-2020-4702 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2020-05-19 CVE-2020-4298 Cross-site Scripting vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4