Vulnerabilities > IBM > Mobilefirst Platform Foundation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-04 | CVE-2017-1772 | Cross-site Scripting vulnerability in IBM Mobilefirst Platform Foundation IBM Worklight (IBM MobileFirst Platform Foundation 6.3, 7.0, 7.1, and 8.0) is vulnerable to cross-site scripting. | 6.1 |
| 2017-08-01 | CVE-2017-1500 | Cross-site Scripting vulnerability in IBM Mobilefirst Platform Foundation and Worklight A Reflected Cross Site Scripting (XSS) vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. | 6.1 |