Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2020-10-12 | CVE-2020-4681 | Cross-site Scripting vulnerability in IBM Security Guardium 11.2 | IBM Security Guardium 11.2 is vulnerable to cross-site scripting. | 5.4 |
2020-10-12 | CVE-2020-4680 | Cross-site Scripting vulnerability in IBM Security Guardium 11.2 | IBM Security Guardium 11.2 is vulnerable to cross-site scripting. | 5.4 |
2020-10-12 | CVE-2020-4679 | Cross-site Scripting vulnerability in IBM Security Guardium 11.2 | IBM Security Guardium 11.2 is vulnerable to cross-site scripting. | 4.8 |
2020-10-12 | CVE-2020-4678 | Unspecified vulnerability in IBM Security Guardium 11.2 | IBM Security Guardium 11.2 could allow an attacker with admin access to obtain and read files that they normally would not have access to. | 4.9 |
2020-10-12 | CVE-2020-4781 | Improper Input Validation vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0 | Improper input validation before calling the Java readLine() method may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could result in a denial of service. | 6.5 |
2020-10-12 | CVE-2020-4780 | Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0 | OOTB build scripts do not set the secure attribute on the session cookie, which may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. | 5.3 |
2020-10-12 | CVE-2020-4775 | Cross-site Scripting vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0 | A cross-site scripting (XSS) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. | 5.4 |
2020-10-12 | CVE-2020-4774 | XML Injection (aka Blind XPath Injection) vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0 | An XPath vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, caused by the improper handling of user-supplied input. | 5.4 |
2020-10-12 | CVE-2020-4773 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0 | A cross-site request forgery (CSRF) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. CSRF is an attack that forces a user to execute unwanted actions on the web application while they are currently authenticated. | 6.5 |
2020-10-12 | CVE-2020-4699 | Information Exposure Through Discrepancy vulnerability in IBM Security Access Manager and Security Verify Access | IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive information using timing side channel attacks, which could aid in further attacks against the system. | 5.3 |