CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29730
https://notcve.org/view.php?id=CVE-2021-29730
09 Jul 2021 — IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 201164. IBM InfoSphere Information Server versión 11.7, es vulnerable a una inyección SQL. Un atacante remoto podría enviar sentencias SQL especialmente diseñadas, que podría permitir al atacante visualizar, añadir, modificar o eliminar información en la base de... • https://exchange.xforce.ibmcloud.com/vulnerabilities/201164 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29712
https://notcve.org/view.php?id=CVE-2021-29712
09 Jul 2021 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 200966. IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alte... • https://exchange.xforce.ibmcloud.com/vulnerabilities/200966 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29681
https://notcve.org/view.php?id=CVE-2021-29681
21 May 2021 — IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information by injecting parameters into an HTML query. This information could be used in further attacks against the system. IBM X-Force ID: 199918. IBM InfoSphere Information Server versión 11.7 podría permitir a un atacante conseguir información confidencial inyectando parámetros en una consulta HTML. Esta información podría ser utilizada en nuevos ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/199917 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29747
https://notcve.org/view.php?id=CVE-2021-29747
17 May 2021 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain highly sensitive information due to a vulnerability in the authentication mechanism. IBM X-Force ID: 201775. IBM InfoSphere Information Server versión 11.7, podría permitir a un atacante remoto obtener información altamente confidencial debido a una vulnerabilidad en el mecanismo de autenticación. IBM X-Force ID: 201775 • https://exchange.xforce.ibmcloud.com/vulnerabilities/201775 •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4997
https://notcve.org/view.php?id=CVE-2020-4997
05 Apr 2021 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192914 IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/192914 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4886
https://notcve.org/view.php?id=CVE-2020-4886
13 Nov 2020 — IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system. IBM X-Force ID: 190910. IBM InfoSphere Information Server versión 11.7, almacena información confidencial en el historial del navegador que podría ser obtenido por un usuario que tenga acceso al mismo sistema.  IBM X-Force ID: 190910 • https://exchange.xforce.ibmcloud.com/vulnerabilities/190910 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4741
https://notcve.org/view.php?id=CVE-2020-4741
12 Oct 2020 — IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188197. IBM InfoSphere Information Server versiones 11.5 y 11.7, es vulnerable a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbit... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188197 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.2EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4740
https://notcve.org/view.php?id=CVE-2020-4740
12 Oct 2020 — IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 188150. IBM InfoSphere Information Server versiones 11.5 y 11.7, es vulnerable a una inyección HTML. Un atacante remoto podría inyectar código HTML malicioso, que cuando se visualizaba, podría ser ejecutado en el navegador Web de la víctima den... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188150 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4727
https://notcve.org/view.php?id=CVE-2020-4727
25 Sep 2020 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM InfoSphere Information Server versión 11.7, podría permitir a un atacante remoto secuestrar la acción de clic de la víctima. Al persuadir a una víctima para que visite un sitio web malicioso,... • https://exchange.xforce.ibmcloud.com/vulnerabilities/187976 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4702
https://notcve.org/view.php?id=CVE-2020-4702
04 Sep 2020 — IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187187. IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la interf... • https://exchange.xforce.ibmcloud.com/vulnerabilities/187187 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •