Emptoris Services Procurement
Monthly
IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
IBM Emptoris Services Procurement 10.0.0.5 could allow a remote attacker to include arbitrary files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
IBM Emptoris Services Procurement 10.0.0.5 could allow a remote attacker to include arbitrary files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.