CVE-2025-3302

The CVE-2025-3302 entry concerns Xagio SEO – AI Powered SEO for WordPress. Affected are all versions up to and including 7.1.0.16, vulnerable to Unauthenticated Stored Cross-Site Scripting via HTTP_REFERER due to insufficient input sanitization and output escaping. The vulnerability was partially...

Security Bulletin: IBM Tivoli Netcool Impact Configuration and Deployment Management Clickjacking

Summary IBM Tivoli Netcool Impact did not handle Clickjacking. Vulnerability Details Third Party Entry: PSIRT-ADV0014970 DESCRIPTION: CVSS Base score: 5.4 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Affected Products and Versions Affected Products| Versions ---|--- IBM Tivoli Netcoo...

CVE-2019-4569

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...

CVE-2019-4569

IBM Tivoli Netcool Impact 7.1.0.0–7.1.0.16 is affected by a stored cross-site scripting vulnerability in the operator view/web UI. The issue enables an attacker to embed arbitrary JavaScript, potentially altering functionality and exposing credentials within a trusted session. IBM’s advisory list...