Vulnerabilities > IBM > Openpages GRC Platform
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2024-27257 | Unspecified vulnerability in IBM Openpages GRC Platform and Openpages With Watson IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users. | 4.3 |
| 2024-08-22 | CVE-2024-35151 | Missing Authentication for Critical Function vulnerability in IBM Openpages GRC Platform and Openpages With Watson IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs. | 6.5 |
| 2021-05-11 | CVE-2020-4535 | Cross-site Scripting vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. | 5.4 |
| 2021-05-11 | CVE-2020-4536 | Information Exposure Through an Error Message vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2018-09-10 | CVE-2017-1679 | Information Exposure vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.2, 7.3, 7.4, and 8.0 could allow an attacker to obtain sensitive information from error log files. | 5.5 |
| 2018-08-30 | CVE-2016-0234 | Insufficient Session Expiration vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser. | 3.3 |
| 2017-11-01 | CVE-2017-1333 | Information Exposure vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenticated user to obtain sensitive information about the server that could be used in future attacks against the system. | 5.3 |
| 2017-11-01 | CVE-2017-1300 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-11-01 | CVE-2017-1290 | Cross-site Scripting vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. | 5.4 |
| 2017-11-01 | CVE-2017-1148 | Information Exposure vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) application could allow a user to obtain sensitive information including private APIs that could be used in further attacks against the system. | 5.3 |