Vulnerabilities > IBM > Security Risk Manager ON Cp4S

DATE CVE VULNERABILITY TITLE RISK
2021-10-19 CVE-2021-29912 Cross-site Scripting vulnerability in IBM Security Risk Manager on Cp4S 1.7.0.0
IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-10-19 CVE-2021-38911 Cleartext Storage of Sensitive Information vulnerability in IBM Security Risk Manager on Cp4S 1.7.2.0
IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user.
network
low complexity
ibm CWE-312
4.9