Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2013-08-16 CVE-2013-0585 Cross-Site Scripting vulnerability in IBM Infosphere Information Server
Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to the (1) web console and (2) repository management user interfaces.
network
ibm CWE-79
3.5
3.5
2013-08-16 CVE-2013-3034 Cross-Site Scripting vulnerability in IBM Infosphere Information Server
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the web console.
network
ibm CWE-79
3.5
3.5
2013-08-16 CVE-2013-4007 Cross-Site Scripting vulnerability in IBM Advanced Management Module
Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5
2013-08-09 CVE-2013-0492 Cross-Site Scripting vulnerability in IBM Informix Open Admin Tool 2.0/3.0
Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin Tool (OAT) 2.x and 3.x before 3.11.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
network
ibm CWE-79
3.5
3.5
2013-08-06 CVE-2013-3995 Cross-Site Scripting vulnerability in IBM Infosphere Biginsights
Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights 1.1 through 2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5
2013-07-25 CVE-2013-3979 Cross-Site Scripting vulnerability in IBM Star Command Center
Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center (aka Star Command Center or Star Analytics) before 10.1, when Internet Explorer is used, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm microsoft CWE-79
3.5
3.5
2013-07-06 CVE-2013-0581 Cross-Site Scripting vulnerability in IBM Business Process Manager
Multiple cross-site scripting (XSS) vulnerabilities in IBM Business Process Manager (BPM) 7.5.1.x, 8.0.0.x, and 8.0.1 before FP1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) ProcessPortal/jsp/socialPortal/dashboard.jsp, (2) teamworks/executeServiceByName, (3) portal/jsp/viewAdHocReportWizard.do, or (4) rest/bpm/wle/v1/process.
network
ibm CWE-79
3.5
3.5
2013-07-03 CVE-2013-0468 Cross-Site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway
Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-2983.
network
ibm CWE-79
3.5
3.5
2013-07-02 CVE-2013-2983 Cross-Site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2013-0468.
network
ibm CWE-79
3.5
3.5
2013-06-21 CVE-2013-0527 Information Exposure vulnerability in IBM Sterling Connect Direct User Interface
The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate attackers to obtain sensitive administrative-console information by reading the screen of an unattended workstation.
local
ibm CWE-200
1.9
1.9