NotCVE - vendor:"Ibm" product:"Content Navigator" version:" >= 3.0.0 <= 3.0.12"

30 results (0.011 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-40684 – IBM Content Navigator cross-site scripting

https://notcve.org/view.php?id=CVE-2023-40684

04 Oct 2023 — IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019. IBM Content Navigator 3.0.11, 3.0.13 y 3.0.14 con IBM Daeja ViewOne Virtual es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite a los usuarios incrustar código J... • https://exchange.xforce.ibmcloud.com/vulnerabilities/264019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-43581 – IBM Content Navigator code execution

https://notcve.org/view.php?id=CVE-2022-43581

07 Dec 2022 — IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805. IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11 y 3.0.12 es vulnerable a la falta de autorización y podría permitir que un usuario autenticado cargue complementos externos y ejecute código. ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/238805 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-862: Missing Authorization •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-29714

https://notcve.org/view.php?id=CVE-2021-29714

09 Aug 2021 — IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. IBM X-Force ID: 200968. IBM Content Navigator versión 3.0.CD, podría permitir a un usuario malicioso causar una denegación de servicio debido a una comprobación de entrada inapropiada. IBM X-Force ID: 200968 • https://exchange.xforce.ibmcloud.com/vulnerabilities/200968 • CWE-20: Improper Input Validation •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-20550

https://notcve.org/view.php?id=CVE-2021-20550

27 Apr 2021 — IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199168. IBM Content Navigator versión 3.0.CD, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199168 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-20549

https://notcve.org/view.php?id=CVE-2021-20549

27 Apr 2021 — IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199167. IBM Content Navigator versión 3.0.CD, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199167 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-20448

https://notcve.org/view.php?id=CVE-2021-20448

27 Apr 2021 — IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196624. IBM Content Navigator versión 3.0.CD, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la interfaz de usuario web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/196624 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2020-4934

https://notcve.org/view.php?id=CVE-2020-4934

02 Feb 2021 — IBM Content Navigator 3.0.CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 191752. IBM Content Navigator versión 3.0.CD, podría permitir a un atacante remoto saltar directorios en el sistema. Un atacante podría enviar una petición URL especialmente diseñada que contenga secuencias "dot dot" (/../) para visualizar archivos arbitrarios ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/191752 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 1

CVE-2020-4757

https://notcve.org/view.php?id=CVE-2020-4757

21 Dec 2020 — IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188600. IBM FileNet Content Manager e IBM Content Navigator versión 3.0.CD, es vulnerables a unos ataques de tipo cross-site scripting almacenado. Esta vulnerabilidad permite a usuarios inse... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188600 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-4760

https://notcve.org/view.php?id=CVE-2020-4760

10 Nov 2020 — IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188737. IBM Content Navigator versión 3.0CD, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la func... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188737 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-4704

https://notcve.org/view.php?id=CVE-2020-4704

10 Nov 2020 — IBM Content Navigator 3.0CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187189. IBM Content Navigator versión 3.0CD, es vulnerable a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alt... • https://exchange.xforce.ibmcloud.com/vulnerabilities/187189 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3