Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-12 | CVE-2016-6114 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-10 | CVE-2017-1398 | Open Redirect vulnerability in IBM Websphere Commerce IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 6.0, 7.0, and 8.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2017-07-10 | CVE-2017-1284 | Information Exposure vulnerability in IBM Websphere MQ 9.0.1/9.0.2 IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability to run or enable trace, to obtain sensitive information from WebSphere Application Server traces including user credentials. | 4.7 |
| 2017-07-06 | CVE-2017-1236 | Improper Input Validation vulnerability in IBM Websphere MQ 9.0.2 IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentially cause a denial of service by saving an incorrect channel status inquiry. | 6.5 |
| 2017-07-05 | CVE-2017-1157 | Information Exposure vulnerability in IBM Jazz Reporting Service 5.0/6.0 IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. | 4.3 |
| 2017-07-05 | CVE-2017-1096 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9989 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9988 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9987 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-05 | CVE-2016-9986 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |