Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-15 | CVE-2022-43874 | Cross-site Scripting vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. | 6.1 |
| 2023-03-10 | CVE-2023-24975 | Improper Input Validation vulnerability in IBM Spectrum Symphony 7.3.0 IBM Spectrum Symphony 7.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |
| 2023-03-02 | CVE-2022-35645 | Cross-site Scripting vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and IBM Maximo Application Suite 8.8 and 8.9 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-02-27 | CVE-2023-22860 | Cross-site Scripting vulnerability in IBM Cloud PAK for Business Automation IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-02-24 | CVE-2022-43923 | Information Exposure Through Log Files vulnerability in IBM Maximo Application Suite 8.8.0/8.9.0 IBM Maximo Application Suite 8.8.0 and 8.9.0 stores potentially sensitive information that could be read by a local user. | 5.5 |
| 2023-02-22 | CVE-2022-43578 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-02-22 | CVE-2022-43870 | Information Exposure Through Log Files vulnerability in IBM Spectrum Virtualize 8.3.0.0/8.4.0.0/8.5.0.0 IBM Spectrum Virtualize 8.3, 8.4, and 8.5 could disclose SNMPv3 server credentials to an authenticated user in log files. | 6.5 |
| 2023-02-21 | CVE-2023-25928 | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
| 2023-02-17 | CVE-2022-43579 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-02-17 | CVE-2022-36775 | Injection vulnerability in IBM products IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.5 |