Vulnerabilities > IBM > Spectrum Symphony > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-10 | CVE-2023-24975 | Improper Input Validation vulnerability in IBM Spectrum Symphony 7.3.0 IBM Spectrum Symphony 7.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |
| 2018-10-11 | CVE-2018-1706 | Cross-site Scripting vulnerability in IBM Spectrum Symphony 7.2.0.2 IBM Spectrum Symphony 7.2.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2018-09-28 | CVE-2018-1704 | Open Redirect vulnerability in IBM Platform Symphony and Spectrum Symphony IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2018-08-28 | CVE-2018-1705 | Information Exposure vulnerability in IBM Platform Symphony and Spectrum Symphony IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 contain an information disclosure vulnerability that could allow an authenticated attacker to obtain highly sensitive information. | 6.5 |