Vulnerabilities > IBM > Kenexa LMS > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-31 CVE-2016-8935 Cross-site Scripting vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-01 CVE-2016-8933 Path Traversal vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
6.5
2017-02-01 CVE-2016-8929 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
5.4
2017-02-01 CVE-2016-5942 Cross-site Scripting vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-01 CVE-2016-5941 Path Traversal vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
5.7
2017-02-01 CVE-2016-5940 Cross-site Scripting vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4