CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45644 – IBM Security ReaQta file upload
https://notcve.org/view.php?id=CVE-2024-45644
19 Mar 2025 — IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment. • https://www.ibm.com/support/pages/node/7186613 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45654 – IBM Security ReaQta improper input validation
https://notcve.org/view.php?id=CVE-2024-45654
19 Jan 2025 — IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs. • https://www.ibm.com/support/pages/node/7175072 • CWE-807: Reliance on Untrusted Inputs in a Security Decision •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45642 – IBM Security ReaQta information disclosure
https://notcve.org/view.php?id=CVE-2024-45642
14 Nov 2024 — IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7172212 • CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45099 – IBM Security ReaQta cross-site scripting
https://notcve.org/view.php?id=CVE-2024-45099
14 Nov 2024 — IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7172212 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •