CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0CVE-2016-0280
https://notcve.org/view.php?id=CVE-2016-0280
08 Aug 2016 — Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server Framework and InfoSphere Information Server Business Glossary 9.1 before 9.1.2.0, Information Server Framework and InfoSphere Information Governance Catalog 11.3 before 11.3.1.2, and Information Server Framework and InfoSphere Information Governance Catalog 11.5 before 11.5.0.1 allows remote authenticated users t... • http://www-01.ibm.com/support/docview.wss?uid=swg1JR55452 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0702
https://notcve.org/view.php?id=CVE-2012-0702
31 Jan 2013 — Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly determine authorization, which allows remote authenticated users to gain privileges via unspecified vectors. Information Services Framework (ISF) en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, no valida correctamente la autenticación, permitiendo a usuarios remotos autenticados ganar privilegios mediante vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0703
https://notcve.org/view.php?id=CVE-2012-0703
31 Jan 2013 — Open redirect vulnerability in Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta en Information Services Framework (ISF) en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, permite a atacantes remotos redireccionar a usuarios a sitios web de su elección y llevar a cabo ataques de phishing ... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-20: Improper Input Validation •