Vulnerabilities > IBM > Robotic Process Automation AS A Service
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-06 | CVE-2022-22503 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2022-06-24 | CVE-2022-22502 | Cross-site Scripting vulnerability in IBM products IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. | 3.5 |
| 2022-06-24 | CVE-2022-33953 | Insufficiently Protected Credentials vulnerability in IBM products IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens. | 2.1 |
| 2022-05-09 | CVE-2022-22319 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. | 5.4 |
| 2022-05-05 | CVE-2022-22433 | Improper Input Validation vulnerability in IBM products IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. | 5.0 |
| 2022-05-05 | CVE-2022-22434 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with physical access to create an API request modified to create additional objects. | 2.1 |