CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34166
https://notcve.org/view.php?id=CVE-2022-34166
08 Jul 2022 — IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229430. IBM CICS TX Standard y Advanced versión 11.1, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, altera... • https://exchange.xforce.ibmcloud.com/vulnerabilities/229430 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34160
https://notcve.org/view.php?id=CVE-2022-34160
08 Jul 2022 — IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 229330. IBM CICS TX Standard y Advanced versión 11.1, es vulnerable a una inyección de HTML. Un atacante remoto podría inyectar código HTML malicioso que, cuando sea visualizado, será ejecutado en el navegador web de la víctima dentro del contexto de segurid... • https://exchange.xforce.ibmcloud.com/vulnerabilities/229330 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31767
https://notcve.org/view.php?id=CVE-2022-31767
24 Jun 2022 — IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980. IBM CICS TX Standard y Advanced versión 11.1, podría permitir a un atacante remoto ejecutar comandos arbitrarios en el sistema mediante el envío de una petición especialmente diseñada. IBM X-Force ID: 227980 • https://exchange.xforce.ibmcloud.com/vulnerabilities/227980 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •