Skip to main content
CVE-2015-0145 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to hijack. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

IBM XSS CSRF Openpages Grc Platform
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-5651 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Dotclear
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0195 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSphere Portal 8.0.x and 4.x before 4.3.1 for WebSphere Portal 8.5.x allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Content Template Catalog
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-0142 MEDIUM PATCH This Month

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to cause a denial of service (maintenance-mode transition and. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM Denial Of Service Privilege Escalation Openpages Grc Platform
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2015-0143 MEDIUM PATCH This Month

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to obtain sensitive information by reading error messages. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Openpages Grc Platform
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2015-0141 MEDIUM PATCH This Month

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to modify arbitrary user filters via a JSON request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM Authentication Bypass Openpages Grc Platform
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2015-4955 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 before 8.5.6.0 CF1 allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Business Process Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-1888 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.2 before 2.0.2-ICN-FP007 and 2.0.3 before 2.0.3-ICN-FP003, as used in Content Manager, FileNet Content Manager, Content. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Content Navigator
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0144 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Openpages Grc Platform
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-8916 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Openpages Grc Platform
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy