CVE-2025-14604

IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors...

IBM Storage Scale 安全漏洞

IBM Storage Scale is a storage solution offered by the American multinational company International Business Machines IBM. It aims to help businesses effectively manage and scale storage resources to meet growing data storage needs. Versions 5.2.3.0 to 5.2.3.5, as well as versions 6.0.0.0 to...

CVE-2024-39643

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in RegistrationMagic Forms RegistrationMagic allows Stored XSS.This issue affects RegistrationMagic: from n/a through 6.0.0.1...

WordPress RegistrationMagic plugin <= 6.0.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin RegistrationMagic versions = 6.0.0.1...

WordPress plugin RegistrationMagic 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

OpenEMR 5.0.2 < 6.0.0.1 Multiple XSS Vulnerabilities

OpenEMR is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OpenEMR 2.7.2-rc1 < 6.0.0.1 Access Control Vulnerability

OpenEMR is prone to an access control vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr";...

Security Bulletin: Multiple Eclipse Jetty Vulnerabilities Affect IBM Sterling Secure External Authentication Server

Summary Three Eclipse Jetty vulnerabilities were addressed by IBM Sterling Secure External Authentication Server. Vulnerability Details CVE-ID: CVE-2019-10241 Description: Eclipse Jetty is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DefaultServl...

Security Bulletin: IBM Elastic Storage System 3000 is affected by a vulnerability where an unprivileged user could execute commands as root ( CVE-2020-4273)

Summary A security vulnerability has been identified in all levels of IBM Elastic Storage System that could allow an unprivileged user to execute commands as root. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4273 DESCRIPTION: IBM Spectrum Scale 4.2 and 5.0 cou...

Security Bulletin: IBM Java Runtime Vulnerability Affects IBM Secure Proxy (CVE-2020-2654)

Summary IBM Secure Proxy has addressed the applicable vulnerability in IBM® Runtime Environment Java™ Version 1.8. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Sterling Control Center (CVE-2016-3427 and CVE-2016-3426)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM Control Center. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An unspecified...

Cross site scripting

IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2019-4146

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to obtain sensitive document information under unusual circumstances. IBM X-Force ID: 158401...

CVE-2019-4074

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

Cross site scripting

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2019-4073

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2019-4077

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2019-4146

CVE-2019-4146 affects IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0–6.0.0.1 . The vulnerability is an information disclosure that could allow an authenticated user to obtain sensitive document information under unusual circumstances. The IBM security bulletin for this CVE (and CVE...

CVE-2019-4073

IBM Sterling B2B Integrator Standard Edition (versions 6.0.0.0–6.0.0.1) is affected by a cross-site scripting vulnerability in the Web UI that allows embedding arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Connected advisories/records confirm the is...

CVE-2019-4076

CVE-2019-4076 affects IBM Sterling B2B Integrator Standard Edition. The vulnerability is a cross-site scripting (XSS) issue in the Web UI that could allow an attacker to inject arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected products/versions...