Vulnerabilities > IBM > Security Access Manager FOR Enterprise Single Sign ON > 8.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-12-23 | CVE-2013-5420 | Permissions, Privileges, and Access Controls vulnerability in IBM Security Access Manager for Enterprise Single Sign-On 8.2 The IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to read log files by leveraging helpdesk privileges for a direct request. | 3.5 |
2013-12-22 | CVE-2013-6745 | Cross-Site Scripting vulnerability in IBM Security Access Manager for Enterprise Single Sign-On 8.2 Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an unspecified dynamic web form. | 3.5 |
2013-12-22 | CVE-2013-5421 | Cross-Site Scripting vulnerability in IBM Security Access Manager for Enterprise Single Sign-On 8.2 Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote attackers to inject arbitrary web script or HTML via crafted input to an unspecified dynamic web form. | 4.3 |