Ibm

Tririga Application Platform

46 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2016-0345

  • EPSS 0.12%
  • Veröffentlicht 21.02.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 02:41:31

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786.

8

CVE-2016-0348

  • EPSS 0.17%
  • Veröffentlicht 21.02.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 02:41:32

Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111813.

5.5

CVE-2016-0342

  • EPSS 0.09%
  • Veröffentlicht 02.02.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 02:41:31

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to read or modify arbitrary reports by leveraging an incorrect grant of access. IBM X-Force ID: 111783.

7.5

CVE-2016-0312

  • EPSS 0.24%
  • Veröffentlicht 02.02.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 02:41:28

IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive information via vectors related to granting unauthenticated access to Document Manager. IBM X-Force ID: 111486.

5.5

CVE-2016-0300

  • EPSS 0.14%
  • Veröffentlicht 02.02.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 02:41:27

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 might allow remote attackers to access arbitrary JSP pages via vectors related to improper input validation. IBM X-Force ID: 111412.

5.4

CVE-2017-1465

  • EPSS 0.12%
  • Veröffentlicht 07.12.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click action...

6.5

CVE-2017-1374

  • EPSS 0.26%
  • Veröffentlicht 21.07.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Sensitive data can be exposed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 that can lead to an attacker gaining unauthorized access to the system. IBM X-Force ID: 126867.

8.8

CVE-2017-1373

  • EPSS 0.6%
  • Veröffentlicht 21.07.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute a report they do not have access to. IBM X-Force ID: 126866.

5.4

CVE-2017-1372

  • EPSS 0.2%
  • Veröffentlicht 21.07.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...

8.8

CVE-2017-1371

  • EPSS 0.46%
  • Veröffentlicht 21.07.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access to. IBM X-Force ID: 126864.