CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50964 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2023-50964
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ... IBM InfoSphere Information Server 11.7 es vulnerable a cross site scripting. • https://exchange.xforce.ibmcloud.com/vulnerabilities/276102 https://www.ibm.com/support/pages/node/7159060 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28794 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2024-28794
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ... IBM InfoSphere Information Server 11.7 es vulnerable a cross site scripting. • https://exchange.xforce.ibmcloud.com/vulnerabilities/286831 https://www.ibm.com/support/pages/node/7158444 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50953 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-50953
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. ... IBM InfoSphere Information Server 11.7 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275775 https://www.ibm.com/support/pages/node/7159057 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28797 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2024-28797
IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ... IBM InfoSphere Information Server 11.7 es vulnerable cross site scripting almacenado. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287136 https://www.ibm.com/support/pages/node/7158431 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50954 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-50954
IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. ... IBM InfoSphere Information Server 11.7 devuelve información confidencial en información URL que podría usarse en futuros ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275776 https://www.ibm.com/support/pages/node/7158597 • CWE-598: Use of GET Request Method With Sensitive Query Strings •