CVE-2024-45640
- EPSS 0.14%
- Veröffentlicht 07.01.2025 13:15:07
- Zuletzt bearbeitet 15.07.2025 20:17:17
IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system.
CVE-2024-45642
- EPSS 0.07%
- Veröffentlicht 14.11.2024 12:15:18
- Zuletzt bearbeitet 16.11.2024 00:13:06
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within...
CVE-2024-45099
- EPSS 0.15%
- Veröffentlicht 14.11.2024 12:15:17
- Zuletzt bearbeitet 16.11.2024 00:11:09
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within...
CVE-2023-33860
- EPSS 0.05%
- Veröffentlicht 10.07.2024 16:15:03
- Zuletzt bearbeitet 19.05.2025 16:15:24
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The coo...
CVE-2023-35006
- EPSS 0.1%
- Veröffentlicht 10.07.2024 16:15:03
- Zuletzt bearbeitet 15.09.2025 20:15:34
IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
CVE-2023-33859
- EPSS 0.12%
- Veröffentlicht 10.07.2024 16:15:02
- Zuletzt bearbeitet 21.11.2024 08:06:05
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697.