CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-0933
https://notcve.org/view.php?id=CVE-2014-0933
16 May 2014 — Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Information Server Metadata Workbench 8.1 through 9.1 allows remote attackers to hijack the authentication of arbitrary users. Vulnerabilidad de CSRF en IBM InfoSphere Information Server Metadata Workbench 8.1 hasta 9.1 permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR49605 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0203
https://notcve.org/view.php?id=CVE-2012-0203
31 Jan 2013 — Cross-site scripting (XSS) vulnerability in InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en InfoSphere Metadata Workbench (MWB) v8.1 through v8.7 en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y v8.7, permite a atacantes remotos inyectar secuencias de c... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0205
https://notcve.org/view.php?id=CVE-2012-0205
31 Jan 2013 — InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly restrict use of the troubleshooting feature, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (workbench outage) via unspecified vectors. InfoSphere Metadata Workbench (MWB) v8.1 hasta v8.7 en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y v8.7 no restringe correctamente el uso de la funcionlidad de ... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-264: Permissions, Privileges, and Access Controls •