Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-29 | CVE-2017-1485 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 5.4 |
2017-08-29 | CVE-2017-1428 | Improper Input Validation vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
2017-08-29 | CVE-2017-1427 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 6.1 |
2017-08-29 | CVE-2017-1195 | Open Redirect vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
2017-08-29 | CVE-2016-2980 | Injection vulnerability in IBM Sametime The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. | 6.3 |
2017-08-29 | CVE-2016-2976 | Information Exposure vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. | 4.3 |
2017-08-29 | CVE-2016-2975 | Cross-site Scripting vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. | 5.4 |
2017-08-29 | CVE-2016-2967 | Cross-site Scripting vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. | 5.4 |
2017-08-29 | CVE-2016-2966 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. | 4.3 |
2017-08-29 | CVE-2016-2964 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. | 5.3 |