Skip to main content

Forms Experience Builder

3 CVEs product

Monthly

CVE-2016-6001 LOW PATCH Monitor

IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

SSRF IBM Information Disclosure Forms Experience Builder
NVD
CVSS 3.0
3.1
EPSS
0.1%
CVE-2016-2884 HIGH PATCH This Week

Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3.1, in an unspecified non-default configuration, allows remote authenticated users to. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XSS CSRF Forms Experience Builder
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2016-0370 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

IBM XSS Forms Experience Builder
NVD
CVSS 3.0
2.7
EPSS
0.2%
EPSS 0% CVSS 3.1
LOW PATCH Monitor

IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

SSRF IBM Information Disclosure +1
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3.1, in an unspecified non-default configuration, allows remote authenticated users to. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XSS CSRF +1
NVD
EPSS 0% CVSS 2.7
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

IBM XSS Forms Experience Builder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy