NotCVE - vendor:"Ibm" product:"Robotic Process Automation As A Service" version:"

Page 2 of 13 results (0.001 seconds)

CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-22503

https://notcve.org/view.php?id=CVE-2022-22503

06 Oct 2022 — IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 227125. IBM Robotic Process Automation 21.0.0, podría permitir a un atacante remoto secuestrar la acción de hacer clic de la víctima. Al persuadir a una víctima para que visite un sitio... • https://exchange.xforce.ibmcloud.com/vulnerabilities/227125 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

CVE-2022-33953

https://notcve.org/view.php?id=CVE-2022-33953

24 Jun 2022 — IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens. IBM X-Force ID: 229198. IBM Robotic Process Automation versiones 21.0.1 y 21.0.2, podría permitir a un usuario con acceso psíquico al sistema obtener información confidencial debido a tokens de acceso insuficientemente protegidos. IBM X-Force ID: 229198 • https://exchange.xforce.ibmcloud.com/vulnerabilities/229198 • CWE-522: Insufficiently Protected Credentials •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-22502

https://notcve.org/view.php?id=CVE-2022-22502

24 Jun 2022 — IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124. IBM Robotic Process Automation versiones 21.0.1 y 21.0.2, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/227124 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2