Ibm

Openpages Grc Platform

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-27257

  • EPSS 0.07%
  • Veröffentlicht 10.09.2024 15:15:15
  • Zuletzt bearbeitet 16.09.2024 14:26:15

IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users.

6.5

CVE-2024-35151

  • EPSS 0.07%
  • Veröffentlicht 22.08.2024 11:15:13
  • Zuletzt bearbeitet 23.08.2024 15:32:15

IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization controls on APIs.

4.3

CVE-2020-4536

  • EPSS 0.1%
  • Veröffentlicht 11.05.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:32:52

IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182...

5.4

CVE-2020-4535

  • EPSS 0.19%
  • Veröffentlicht 11.05.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:32:51

IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tru...

5.5

CVE-2017-1679

  • EPSS 0.05%
  • Veröffentlicht 10.09.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 03:22:12

IBM OpenPages GRC Platform 7.2, 7.3, 7.4, and 8.0 could allow an attacker to obtain sensitive information from error log files. IBM X-Force ID: 134001.

3.3

CVE-2016-0234

  • EPSS 0.03%
  • Veröffentlicht 30.08.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 02:41:19

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser. IBM X-Force ID: 110303.

5.4

CVE-2017-1147

  • EPSS 0.27%
  • Veröffentlicht 01.11.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosur...

5.3

CVE-2017-1333

  • EPSS 0.2%
  • Veröffentlicht 01.11.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenticated user to obtain sensitive information about the server that could be used in future attacks against the system. IBM X-Force ID: 126241.

8.8

CVE-2017-1300

  • EPSS 0.17%
  • Veröffentlicht 01.11.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 125162.

5.4

CVE-2017-1290

  • EPSS 0.27%
  • Veröffentlicht 01.11.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosur...