Ibm

Content Navigator

38 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2024-51475

  • EPSS 0.06%
  • Published 16.05.2025 01:15:51
  • Last modified 04.06.2025 20:02:45

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.

5.4

CVE-2024-56341

  • EPSS 0.03%
  • Published 02.04.2025 15:15:57
  • Last modified 13.08.2025 00:33:27

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr...

5.4

CVE-2023-35896

  • EPSS 0.05%
  • Published 03.11.2023 03:15:07
  • Last modified 21.11.2024 08:08:56

IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X...

5.4

CVE-2023-40684

  • EPSS 0.07%
  • Published 04.10.2023 14:15:10
  • Last modified 21.11.2024 08:19:58

IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential...

8.8

CVE-2022-43581

  • EPSS 0.14%
  • Published 07.12.2022 18:15:10
  • Last modified 21.11.2024 07:26:49

IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Forc...

6.5

CVE-2021-29714

  • EPSS 0.2%
  • Published 09.08.2021 16:15:07
  • Last modified 21.11.2024 06:01:41

IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. IBM X-Force ID: 200968.

5.4

CVE-2021-20448

  • EPSS 0.14%
  • Published 27.04.2021 17:15:08
  • Last modified 21.11.2024 05:46:36

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

5.4

CVE-2021-20549

  • EPSS 0.16%
  • Published 27.04.2021 17:15:08
  • Last modified 21.11.2024 05:46:45

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

5.4

CVE-2021-20550

  • EPSS 0.16%
  • Published 27.04.2021 17:15:08
  • Last modified 21.11.2024 05:46:45

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

4.3

CVE-2020-4934

  • EPSS 0.16%
  • Published 02.02.2021 15:15:16
  • Last modified 21.11.2024 05:33:26

IBM Content Navigator 3.0.CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 1917...