CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1613
https://notcve.org/view.php?id=CVE-2017-1613
IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. IBM X-Force ID: 132954. IBM Connections 6.0 podría permitir que un atacante remoto no autenticado obtenga acceso sin autenticar o sin autorizar a datos de la plantilla de Engagement Center no sensibles. IBM X-Force ID: 132954. • http://www.ibm.com/support/docview.wss?uid=swg22010690 http://www.securityfocus.com/bid/102051 https://exchange.xforce.ibmcloud.com/vulnerabilities/132954 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1683
https://notcve.org/view.php?id=CVE-2017-1683
IBM Connections Engagement Center 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134005. IBM Connections Engagement Center 6.0 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22010690 http://www.securityfocus.com/bid/102051 https://exchange.xforce.ibmcloud.com/vulnerabilities/134005 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1498
https://notcve.org/view.php?id=CVE-2017-1498
IBM Connections 5.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 129020. IBM Connections 5.5 es vulnerable a Cross-Site Scripting (XSS) Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. Esto podría dar lugar a una revelación de credenciales en una sesión de confianza. • http://www.ibm.com/support/docview.wss?uid=swg22006286 http://www.securityfocus.com/bid/102048 https://exchange.xforce.ibmcloud.com/vulnerabilities/129020 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-5932
https://notcve.org/view.php?id=CVE-2016-5932
IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998294. BM Connections 4.0, 4.5, 5.0 y 5.5 son vulnerables a XSS. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la interfaz web alterando así la funcionalidad prevista que podría conducir a la divulgación de credenciales dentro de una sesión de confianza. • http://www.ibm.com/support/docview.wss?uid=swg21998294 http://www.securityfocus.com/bid/96453 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-0308
https://notcve.org/view.php?id=CVE-2016-0308
IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images. IBM Connections 5.5 y versiones anteriores es vulnerable a un posible ataque de manipulación de link que podría resultar en la revelación de imágenes de background inapropiadas. • http://www.ibm.com/support/docview.wss?uid=swg21986770 http://www.securityfocus.com/bid/92439 • CWE-284: Improper Access Control •