Vulnerabilities > IBM > Tivoli Netcool Omnibus > 7.4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-01-17 | CVE-2014-3032 | Cross-site Scripting vulnerability in IBM Tivoli Netcool/Omnibus Cross-site scripting (XSS) vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus 7.3.0 before 7.3.0.6, 7.3.1 before 7.3.1.7, and 7.4.0 before 7.4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-05-01 | CVE-2014-0942 | Cross-Site Scripting vulnerability in IBM Tivoli Netcool/Omnibus 7.4.0 Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0941. | 3.5 |
2014-05-01 | CVE-2014-0941 | Cross-Site Scripting vulnerability in IBM Tivoli Netcool/Omnibus 7.4.0 Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0942. | 3.5 |