Vulnerabilities > IBM > Kenexa Lcms Premier > 9.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-27 | CVE-2017-1143 | Information Exposure vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 3.5 |
| 2017-03-27 | CVE-2017-1142 | Information Exposure vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. | 4.0 |
| 2017-03-01 | CVE-2016-9994 | SQL Injection vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. | 6.5 |
| 2017-03-01 | CVE-2016-9993 | SQL Injection vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. | 6.5 |
| 2017-03-01 | CVE-2016-9992 | SQL Injection vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. | 6.5 |
| 2017-02-01 | CVE-2016-5952 | SQL Injection vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud is vulnerable to SQL injection. | 6.5 |
| 2017-02-01 | CVE-2016-5951 | Cross-site Scripting vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. | 3.5 |
| 2017-02-01 | CVE-2016-5950 | Credentials Management vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud stores user credentials in plain in clear text which can be read by an authenticated user. | 4.0 |
| 2017-02-01 | CVE-2016-5949 | 7PK - Security Features vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud could allow an authenticated user to obtain sensitive user data with a specially crafted HTTP request. | 4.0 |
| 2017-02-01 | CVE-2016-5948 | Cross-site Scripting vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. | 3.5 |