Ibm

Openpages Grc Platform

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2017-1148

  • EPSS 0.22%
  • Veröffentlicht 01.11.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) application could allow a user to obtain sensitive information including private APIs that could be used in further attacks against the system. IBM X-Force ID: 122201.

5.4

CVE-2016-3048

  • EPSS 0.27%
  • Veröffentlicht 01.11.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosur...

5.4

CVE-2016-3049

  • EPSS 0.18%
  • Veröffentlicht 24.10.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-...

6.5

CVE-2015-5049

  • EPSS 0.13%
  • Veröffentlicht 01.01.2016 05:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in the API in IBM OpenPages GRC Platform 7.0 before 7.0.0.4 IF3 and 7.1 before 7.1.0.1 IF6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.8

CVE-2015-0145

  • EPSS 0.1%
  • Veröffentlicht 03.10.2015 22:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to hijack the authentication of arbitrary users for requests ...

3.5

CVE-2015-0144

  • EPSS 0.17%
  • Veröffentlicht 03.10.2015 22:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a differen...

4

CVE-2015-0143

  • EPSS 0.16%
  • Veröffentlicht 03.10.2015 22:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to obtain sensitive information by reading error messages.

4

CVE-2015-0142

  • EPSS 0.36%
  • Veröffentlicht 03.10.2015 22:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to cause a denial of service (maintenance-mode transition and data-storage outage) by calling the System Adminis...

4

CVE-2015-0141

  • EPSS 0.2%
  • Veröffentlicht 03.10.2015 22:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to modify arbitrary user filters via a JSON request.

3.5

CVE-2014-8916

  • EPSS 0.17%
  • Veröffentlicht 03.10.2015 22:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a differen...