CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4768
https://notcve.org/view.php?id=CVE-2020-4768
11 Feb 2021 — IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188907. IBM Case Manager versiones 5.2 y 5.3 e IBM Business Automation Workflow versiones 18.0, 19.0 y 20.0, son vulnerables a ataques de tipo cross-site scripting. Esta ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188907 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2019-4426
https://notcve.org/view.php?id=CVE-2019-4426
13 Dec 2019 — The Case Builder component shipped with 18.0.0.1 through 19.0.0.2 and IBM Case Manager 5.1.1 through 5.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162772. El componente Case Builder entregado con versiones 18.0.0.1 hasta 19.0.0.2 e IBM Case Manager versiones 5.1.1 hasta 5.3, es vulnerable a ataques de ti... • https://exchange.xforce.ibmcloud.com/vulnerabilities/162772 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2018-1884
https://notcve.org/view.php?id=CVE-2018-1884
12 Nov 2018 — IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerable to a "zip slip" vulnerability which could allow a remote attacker to execute code using directory traversal techniques. IBM X-Force ID: 151970. IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0 y 5.3.3.0 es vulnerabilidad a una vulnerabilidad "zip slip" que podría permitir que un atacante remoto ejecute código mediante técnicas de salto de directorio. IBM X-Force ID: 151970. • http://www.ibm.com/support/docview.wss?uid=ibm10737897 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2013-6746
https://notcve.org/view.php?id=CVE-2013-6746
22 Jan 2014 — Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en FileNet P8 Platform Documentation Installable Info Center 4.5.1 hasta la versión 5.2.0 en IBM FileNet Business Process Manager 4.5.1 hasta 5.1.0,... • http://secunia.com/advisories/56500 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •