CVSS: 5.4EPSS: 0%CPEs: 47EXPL: 0CVE-2016-5920
https://notcve.org/view.php?id=CVE-2016-5920
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la Web UI en IBM Financial Transaction Manager (FTM) para ACH Services 3.0.0.x en versiones anteriores a fp0015 y 3.0.1.0 en versiones anteriores a iFix0002 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537 http://www-01.ibm.com/support/docview.wss?uid=swg21989060 http://www.securityfocus.com/bid/92634 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.7EPSS: 0%CPEs: 47EXPL: 0CVE-2016-3060
https://notcve.org/view.php?id=CVE-2016-3060
Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site. Payments Director en IBM Financial Transaction Manager (FTM) para ACH Services, Check Services y Corporate Payment Services (CPS) 3.0.0.x en versiones anteriores a fp0015 y 3.0.1.0 en versiones anteriores a iFix0002 permite a usuarios remotos autenticados llevar a cabo ataques de clickjacking a través de un sitio web manipulado. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI64063 http://www-01.ibm.com/support/docview.wss?uid=swg1PI64064 http://www-01.ibm.com/support/docview.wss?uid=swg1PI67537 http://www-01.ibm.com/support/docview.wss?uid=swg21989060 http://www.securityfocus.com/bid/92633 • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 36EXPL: 0CVE-2016-0232
https://notcve.org/view.php?id=CVE-2016-0232
IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading README files. IBM Financial Transaction Manager (FTM) para ACH Services, Check Services y Corporate Payment Services (CPS) 3.0.0 en versiones anteriores a FP12 permite a usuarios remotos autenticados obtener información sensible mediante la lectura de archivos README. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757 http://www-01.ibm.com/support/docview.wss?uid=swg1PI56758 http://www-01.ibm.com/support/docview.wss?uid=swg1PI56759 http://www-01.ibm.com/support/docview.wss?uid=swg1PI56762 http://www-01.ibm.com/support/docview.wss? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •