Skip to main content

Content Navigator

35 CVEs product

Monthly

CVE-2024-51475 MEDIUM This Month

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-56341 MEDIUM This Month

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-35896 MEDIUM PATCH This Month

IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

SSRF IBM Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-40684 MEDIUM This Month

IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-43581 HIGH PATCH This Week

IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

IBM Buffer Overflow Content Navigator
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-29714 MEDIUM This Month

IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Content Navigator
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-20550 MEDIUM This Month

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20549 MEDIUM This Month

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-20448 MEDIUM PATCH This Month

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-4757 MEDIUM POC PATCH This Month

IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS IBM Content Navigator
NVD
CVSS 3.1
6.4
EPSS
1.3%
CVE-2020-4760 MEDIUM This Month

IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2020-4704 MEDIUM This Month

IBM Content Navigator 3.0CD is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2020-4687 MEDIUM This Month

IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated user to view cached content of another user that they should not have access to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Content Navigator
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2020-4548 LOW Monitor

IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Authentication Bypass Content Navigator
NVD
CVSS 3.1
2.7
EPSS
0.7%
CVE-2020-4309 MEDIUM PATCH This Month

IBM Content Navigator 3.0CD could disclose sensitive information to an unauthenticated user which could be used to aid in further attacks against the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Content Navigator
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-4253 HIGH PATCH This Week

IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Content Navigator
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2019-4571 MEDIUM This Month

IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-4263 MEDIUM This Month

IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Content Navigator
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-4092 MEDIUM This Month

IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Open Redirect Content Navigator
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-4033 MEDIUM This Month

IBM Content Navigator 2.0.3 and 3.0CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-4035 MEDIUM This Month

IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Open Redirect Content Navigator
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2019-4034 HIGH This Week

IBM Content Navigator 3.0CD is could allow an attacker to execute arbitrary code on a user's workstation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Content Navigator
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2018-1496 MEDIUM PATCH This Month

IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Content Navigator
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2018-1366 HIGH PATCH This Week

IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Code Injection IBM Content Navigator
NVD
CVSS 3.0
7.8
EPSS
0.9%
CVE-2018-1364 HIGH This Week

IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XXE Content Navigator
NVD
CVSS 3.0
8.2
EPSS
2.4%
CVE-2017-1522 MEDIUM This Month

IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-1502 MEDIUM This Month

IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-1331 MEDIUM PATCH This Month

IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Content Navigator
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-1282 MEDIUM PATCH This Month

IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Content Navigator
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-1146 MEDIUM This Month

IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2015-1888 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.2 before 2.0.2-ICN-FP007 and 2.0.3 before 2.0.3-ICN-FP003, as used in Content Manager, FileNet Content Manager, Content. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Content Navigator
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-8911 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Content Navigator
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-0874 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Content Navigator
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-0858 LOW Monitor

IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation IBM Content Navigator
NVD
CVSS 2.0
3.5
EPSS
0.1%
CVE-2013-5462 MEDIUM This Month

IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Content Navigator
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

SSRF IBM Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

IBM Buffer Overflow Content Navigator
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Content Navigator
NVD
EPSS 1% CVSS 6.4
MEDIUM POC PATCH This Month

IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS IBM Content Navigator
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0CD is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated user to view cached content of another user that they should not have access to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Content Navigator
NVD
EPSS 1% CVSS 2.7
LOW Monitor

IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Authentication Bypass Content Navigator
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

IBM Content Navigator 3.0CD could disclose sensitive information to an unauthenticated user which could be used to aid in further attacks against the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Content Navigator
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Content Navigator
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Content Navigator
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Open Redirect Content Navigator
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 2.0.3 and 3.0CD is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Open Redirect Content Navigator
NVD
EPSS 2% CVSS 8.8
HIGH This Week

IBM Content Navigator 3.0CD is could allow an attacker to execute arbitrary code on a user's workstation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Content Navigator
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Content Navigator
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Code Injection IBM Content Navigator
NVD
EPSS 2% CVSS 8.2
HIGH This Week

IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XXE Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Content Navigator
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Content Navigator
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.2 before 2.0.2-ICN-FP007 and 2.0.3 before 2.0.3-ICN-FP003, as used in Content Manager, FileNet Content Manager, Content. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Content Navigator
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Content Navigator
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Content Navigator
NVD
EPSS 0% CVSS 3.5
LOW Monitor

IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation IBM Content Navigator
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Content Navigator
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy