Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-05 | CVE-2016-3015 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-03-31 | CVE-2017-1171 | Unspecified vulnerability in IBM Tririga Application Platform The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a vulnerability that could allow an authenticated user to execute Application actions they do not have access to. | 4.3 |
| 2017-03-31 | CVE-2017-1154 | Information Exposure vulnerability in IBM Algo ONE 4.9.1/5.0.0/5.1.0 IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to files in the local environment which should not be viewed by application users. | 6.5 |
| 2017-03-31 | CVE-2016-9990 | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2017-03-31 | CVE-2016-8935 | Cross-site Scripting vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting. | 5.4 |
| 2017-03-31 | CVE-2016-6036 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. | 5.4 |
| 2017-03-31 | CVE-2016-6031 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. | 5.4 |
| 2017-03-31 | CVE-2016-6022 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. | 5.4 |
| 2017-03-27 | CVE-2017-1143 | Information Exposure vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.3 |
| 2017-03-27 | CVE-2017-1142 | Information Exposure vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. | 6.5 |