Ibm

Curam Social Program Management

46 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2017-1740

  • EPSS 0.27%
  • Published 11.01.2018 17:29:00
  • Last modified 21.11.2024 03:22:17

IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea...

5.4

CVE-2017-1739

  • EPSS 0.27%
  • Published 11.01.2018 17:29:00
  • Last modified 21.11.2024 03:22:17

IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

5.4

CVE-2014-6191

  • EPSS 0.15%
  • Published 19.09.2017 15:29:00
  • Last modified 20.04.2025 01:37:25

Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2, 6.0.4, and 6.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 98568.

6.1

CVE-2017-1195

  • EPSS 0.15%
  • Published 29.08.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vu...

6.5

CVE-2017-1110

  • EPSS 0.22%
  • Published 29.08.2017 01:35:13
  • Last modified 20.04.2025 01:37:25

IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user. IBM X-Force ID: 120915.

5.4

CVE-2016-9732

  • EPSS 0.2%
  • Published 29.08.2017 01:35:12
  • Last modified 20.04.2025 01:37:25

IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credenti...

8.8

CVE-2014-8903

  • EPSS 0.85%
  • Published 02.08.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors.

5.4

CVE-2017-1106

  • EPSS 0.25%
  • Published 28.06.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials ...

5.3

CVE-2014-4843

  • EPSS 0.16%
  • Published 08.06.2017 16:29:00
  • Last modified 20.04.2025 01:37:25

Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors rela...

5.4

CVE-2016-9980

  • EPSS 0.23%
  • Published 20.04.2017 21:59:01
  • Last modified 20.04.2025 01:37:25

IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials ...