Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2013-11-18 CVE-2013-5425 Cross-Site Scripting vulnerability in IBM Websphere Virtual Enterprise
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Virtual Enterprise 6.1 before 6.1.1.6 and 7.0 before 7.0.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
network
ibm CWE-79
3.5
3.5
2013-11-13 CVE-2013-5378 Cross-Site Scripting vulnerability in IBM Websphere Portal 8.0.0.0/8.0.0.1
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging incorrect IBM Connections integration.
network
ibm CWE-79
3.5
3.5
2013-11-13 CVE-2013-5379 Cross-Site Scripting vulnerability in IBM Websphere Portal
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x before 7.0.0.2 CF25 and 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging improper tagging functionality.
network
ibm CWE-79
3.5
3.5
2013-11-13 CVE-2013-5453 Information Exposure vulnerability in IBM Security Appscan
IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted.
network
ibm CWE-200
3.5
3.5
2013-11-09 CVE-2013-0537 Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Sametime 8.5.2/8.5.2.1
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of shared links by leveraging meeting-attendance privileges.
network
ibm CWE-264
3.5
3.5
2013-11-09 CVE-2013-3044 Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Sametime 8.5.2/8.5.2.1
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of chat messages, or compose anonymous chat messages, by leveraging meeting-attendance privileges.
network
ibm CWE-264
3.5
3.5
2013-11-09 CVE-2013-3045 Improper Input Validation vulnerability in IBM Lotus Sametime 8.5.2/8.5.2.1
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to share crafted links via the Library function.
network
ibm CWE-20
3.5
3.5
2013-11-09 CVE-2013-3985 Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Sametime 8.5.2/8.5.2.1
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak setting of the Domain variable. 		2.9
2.9
2013-11-08 CVE-2013-4051 Cross-Site Scripting vulnerability in IBM Lotus Domino 8.5.0/9.0.0.0
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-4055.
network
ibm CWE-79
3.5
3.5
2013-11-08 CVE-2013-4055 Cross-Site Scripting vulnerability in IBM Lotus Domino 8.5.0/9.0.0.0
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-4051.
network
ibm CWE-79
3.5
3.5