CVSS: 5.4EPSS: 0%CPEs: 47EXPL: 0CVE-2016-5920
https://notcve.org/view.php?id=CVE-2016-5920
29 Oct 2016 — Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la Web UI en IBM Financial Transaction Manager (FTM) para ACH Services 3.0.0.x en versiones anteriores a fp0015 y 3.0.1.0 en versiones anteriores a iFix0002 permite a usuarios remotos autenticados inyectar secuencias de coma... • http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.7EPSS: 0%CPEs: 47EXPL: 0CVE-2016-3060
https://notcve.org/view.php?id=CVE-2016-3060
29 Oct 2016 — Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site. Payments Director en IBM Financial Transaction Manager (FTM) para ACH Services, Check Services y Corporate Payment Services (CPS) 3.0.0.x en versiones anteriores a fp0015 y 3.0.1.0 en versiones anteriores a iFix0002 permite a usuarios remot... • http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063 • CWE-284: Improper Access Control •