Vulnerabilities > Microfocus > Solutions Business Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-26 | CVE-2019-18946 | Session Fixation vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | 4.8 |
| 2021-02-26 | CVE-2019-18944 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | 4.8 |
| 2021-02-26 | CVE-2019-18942 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. | 4.8 |
| 2019-06-07 | CVE-2019-3477 | Open Redirect vulnerability in Microfocus Solutions Business Manager Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. | 6.1 |
| 2019-03-27 | CVE-2018-19644 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 6.1 |
| 2018-06-22 | CVE-2018-7682 | Information Exposure Through Log Files vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. | 6.5 |
| 2018-06-21 | CVE-2018-7681 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. | 4.8 |
| 2018-06-21 | CVE-2018-7680 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values. | 6.1 |