CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4997
https://notcve.org/view.php?id=CVE-2020-4997
05 Apr 2021 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192914 IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/192914 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2020-27583
https://notcve.org/view.php?id=CVE-2020-27583
21 Jan 2021 — IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only affects products that are no longer supported by the maintainer IBM InfoSphere Information Server versión 8.5.0.0, está afectado por una deserialización de datos que no son confiables, lo que podría permitir a atacantes remotos no autenticados ejecutar código arbitrario. NOTA: Esta vulnerabilidad solo afect... • https://n4nj0.github.io/advisories/ibm-infosphere-java-deserialization • CWE-502: Deserialization of Untrusted Data •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4886
https://notcve.org/view.php?id=CVE-2020-4886
13 Nov 2020 — IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system. IBM X-Force ID: 190910. IBM InfoSphere Information Server versión 11.7, almacena información confidencial en el historial del navegador que podría ser obtenido por un usuario que tenga acceso al mismo sistema.  IBM X-Force ID: 190910 • https://exchange.xforce.ibmcloud.com/vulnerabilities/190910 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4741
https://notcve.org/view.php?id=CVE-2020-4741
12 Oct 2020 — IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188197. IBM InfoSphere Information Server versiones 11.5 y 11.7, es vulnerable a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbit... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188197 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.2EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4740
https://notcve.org/view.php?id=CVE-2020-4740
12 Oct 2020 — IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 188150. IBM InfoSphere Information Server versiones 11.5 y 11.7, es vulnerable a una inyección HTML. Un atacante remoto podría inyectar código HTML malicioso, que cuando se visualizaba, podría ser ejecutado en el navegador Web de la víctima den... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188150 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4727
https://notcve.org/view.php?id=CVE-2020-4727
25 Sep 2020 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM InfoSphere Information Server versión 11.7, podría permitir a un atacante remoto secuestrar la acción de clic de la víctima. Al persuadir a una víctima para que visite un sitio web malicioso,... • https://exchange.xforce.ibmcloud.com/vulnerabilities/187976 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4702
https://notcve.org/view.php?id=CVE-2020-4702
04 Sep 2020 — IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187187. IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la interf... • https://exchange.xforce.ibmcloud.com/vulnerabilities/187187 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-4818
https://notcve.org/view.php?id=CVE-2012-4818
28 Aug 2020 — IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system. IBM InfoSphere Information Server versiones 8.1, 8.5 y 8.7, podría permitir a un atacante remoto autenticado obtener información sensible, causada por restricciones inapropiadas en ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/78651 •
CVSS: 9.3EPSS: 1%CPEs: 5EXPL: 0CVE-2020-4305
https://notcve.org/view.php?id=CVE-2020-4305
09 Jul 2020 — IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677. IBM InfoSphere Information Server versiones 11.3, 11.5 y 11.7, podría permitir a un atacante remoto ejecutar código arbitrario en el sistema, causado por la deserial... • https://exchange.xforce.ibmcloud.com/vulnerabilities/176677 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4298
https://notcve.org/view.php?id=CVE-2020-4298
19 May 2020 — IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176475. IBM InfoSphere Information Server versiones 11.3, 11.5 y 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en l... • https://exchange.xforce.ibmcloud.com/vulnerabilities/176475 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •