Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-31 CVE-2016-9990 Cross-site Scripting vulnerability in IBM Inotes
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2017-03-31 CVE-2016-8935 Cross-site Scripting vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-03-31 CVE-2016-6036 Cross-site Scripting vulnerability in IBM Rational Quality Manager
IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-03-31 CVE-2016-6031 Cross-site Scripting vulnerability in IBM Rational Quality Manager
IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-03-31 CVE-2016-6022 Cross-site Scripting vulnerability in IBM Rational Quality Manager
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-03-27 CVE-2017-1143 Information Exposure vulnerability in IBM Kenexa Lcms Premier
IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-200
5.3
2017-03-27 CVE-2017-1142 Information Exposure vulnerability in IBM Kenexa Lcms Premier
IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode.
network
low complexity
ibm CWE-200
6.5
2017-03-27 CVE-2017-1120 Cross-site Scripting vulnerability in IBM Websphere Portal 8.5/9.0
IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2017-03-27 CVE-2016-9737 Cross-site Scripting vulnerability in IBM Tririga Application Platform
IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-03-27 CVE-2016-6056 Cross-site Scripting vulnerability in IBM Call Center for Commerce 9.3/9.4
IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4