Vulnerabilities > IBM > Openpages GRC Platform > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-27257 Unspecified vulnerability in IBM Openpages GRC Platform and Openpages With Watson
IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users.
network
low complexity
ibm
4.3
2024-08-22 CVE-2024-35151 Missing Authentication for Critical Function vulnerability in IBM Openpages GRC Platform and Openpages With Watson
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs.
network
low complexity
ibm CWE-306
6.5
2021-05-11 CVE-2020-4535 Cross-site Scripting vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-05-11 CVE-2020-4536 Information Exposure Through an Error Message vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.3
2018-09-10 CVE-2017-1679 Information Exposure vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 7.2, 7.3, 7.4, and 8.0 could allow an attacker to obtain sensitive information from error log files.
local
low complexity
ibm CWE-200
5.5
2017-11-01 CVE-2017-1333 Information Exposure vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenticated user to obtain sensitive information about the server that could be used in future attacks against the system.
network
low complexity
ibm CWE-200
5.3
2017-11-01 CVE-2017-1290 Cross-site Scripting vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-11-01 CVE-2017-1148 Information Exposure vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) application could allow a user to obtain sensitive information including private APIs that could be used in further attacks against the system.
network
low complexity
ibm CWE-200
5.3
2017-11-01 CVE-2017-1147 Cross-site Scripting vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-11-01 CVE-2016-3048 Cross-site Scripting vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4