Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-21 | CVE-2020-7239 | Cross-site Scripting vulnerability in IBM Chatbot With IBM Watson The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is executed when a chat message containing JavaScript is sent. | 6.1 |
| 2020-01-10 | CVE-2019-4559 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.3.1/7.3.2 IBM QRadar SIEM 7.3.0 through 7.3.3 discloses sensitive information to unauthorized users. | 5.3 |
| 2019-12-30 | CVE-2019-4655 | Unspecified vulnerability in IBM MQ and MQ Appliance IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is vulnerable to a denial of service attack that would allow an authenticated user to reset client connections due to an error within the Data Conversion routine. | 4.3 |
| 2019-12-30 | CVE-2019-4623 | Cross-site Scripting vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-12-30 | CVE-2019-4343 | Incorrect Authorization vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which could allow an attacker to transfer private information. | 6.5 |
| 2019-12-30 | CVE-2019-4335 | Insufficiently Protected Credentials vulnerability in IBM Watson Studio Local 1.2.3 IBM Watson Studio Local 1.2.3 stores key files in the user's home directory which could be obtained by another local user. | 5.5 |
| 2019-12-30 | CVE-2018-1682 | Information Exposure vulnerability in IBM Watston Studio Local 1.2.3 IBM Watson Studio Local 1.2.3 could disclose sensitive information over the network that an attacked could use in further attacks against the system. | 5.3 |
| 2019-12-20 | CVE-2019-4744 | Cross-site Scripting vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. | 6.1 |
| 2019-12-20 | CVE-2019-4743 | Cleartext Transmission of Sensitive Information vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2019-12-20 | CVE-2019-4742 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |