Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-20 | CVE-2024-49355 | Improper Output Neutralization for Logs vulnerability in IBM Openpages With Watson 9.0 IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature. | 6.5 |
| 2025-02-20 | CVE-2024-49780 | Unspecified vulnerability in IBM Openpages With Watson 9.0 IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2025-02-06 | CVE-2024-49791 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49792 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49793 | Cross-site Scripting vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2025-02-06 | CVE-2024-49794 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2025-02-06 | CVE-2024-49795 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2025-02-06 | CVE-2024-49797 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2025-02-06 | CVE-2024-49798 | Information Exposure Through an Error Message vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2025-02-06 | CVE-2024-49800 | Cleartext Storage of Sensitive Information vulnerability in IBM Applinx 11.1.0 IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an authenticated user. | 6.5 |