CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2018-1542
https://notcve.org/view.php?id=CVE-2018-1542
06 Jul 2018 — IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597. IBM FileNet Content Manager, IBM Content Foundation y IBM Case Foundation Administration Console for Content Platform Engine (ACCE) en v... • http://www.ibm.com/support/docview.wss?uid=swg22015943 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2018-1555
https://notcve.org/view.php?id=CVE-2018-1555
06 Jul 2018 — IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142892. Las versiones 5.2.1 y 5.5.0 de IBM FileNet Content Manager son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuari... • http://www.ibm.com/support/docview.wss?uid=swg22015943 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2018-1556
https://notcve.org/view.php?id=CVE-2018-1556
06 Jul 2018 — IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142893. Las versiones 5.2.1 y 5.5.0 de IBM FileNet Content Manager son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuari... • http://www.ibm.com/support/docview.wss?uid=swg22015943 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2014-4763
https://notcve.org/view.php?id=CVE-2014-4763
15 Sep 2014 — Cross-site scripting (XSS) vulnerability in Content Navigator in Content Engine in IBM FileNet Content Manager 5.2.x before 5.2.0.3-P8CPE-IF003 and Content Foundation 5.2.x before 5.2.0.3-P8CPE-IF003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en Content Navigator en Content Engine en IBM FileNet Content Manager 5.2.x anterior a 5.2.0.3-P8CPE-IF003 y Content Foundation 5.2.x anterior a 5.2.0.3-P8CPE-IF003 permite a usuarios remotos autent... • http://secunia.com/advisories/61127 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2013-6746
https://notcve.org/view.php?id=CVE-2013-6746
22 Jan 2014 — Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en FileNet P8 Platform Documentation Installable Info Center 4.5.1 hasta la versión 5.2.0 en IBM FileNet Business Process Manager 4.5.1 hasta 5.1.0,... • http://secunia.com/advisories/56500 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •