879 matches found
CVE-2017-1355
IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682...
CVE-2017-1354
IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2017-1356
IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683...
Sql injection
IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683...
CVE-2017-1354
IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2017-1355
IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682...
CVE-2017-1355
IBM Atlas eDiscovery Process Management stores sensitive information in URL parameters, enabling potential information disclosure via server logs, referrers, or browser history. Affected: 6.0.3 through 6.0.3.5. CVSS v3 base 3.7. Remediation: upgrade to 6.0.3 Fix Pack 6 (6.0.3 FP6).
CVE-2017-1353
IBM Atlas eDiscovery Process Management 6.0.3–6.0.3.5 is vulnerable to an information-disclosure issue where an authenticated attacker could obtain sensitive data when a user clicks unsafe third-party links. The root cause is that links with target="_blank" and no rel="noopener noreferrer" grant ...
CVE-2017-1356
Affected product: IBM Atlas eDiscovery Process Management. Vulnerability: SQL injection in versions 6.0.3 – 6.0.3.5 due to insufficient input filtering, enabling a remote attacker to view, add, modify, or delete data in the backend database. Root cause (as stated): vulnerability to SQL injection....
CVE-2017-1354
The CVE-2017-1354 entry concerns IBM Atlas eDiscovery Process Management. A cross-site scripting (XSS) vulnerability affects Atlas eDiscovery Process Management 6.0.3 (specifically 6.0.3.0 to 6.0.3.5). The underlying issue allows an attacker to inject arbitrary JavaScript into the Web UI, potenti...
CVE-2017-1353
IBM Atlas eDiscovery Process Management 6.0.3 could allow an authenticated attacker to obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. IBM X-Force ID: 126680...
CVE-2017-1356
IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683...
CVE-2017-1354
IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
IBM Atlas eDiscovery Process Management Information Disclosure Vulnerability
IBM Atlas eDiscovery Process Management is a product within the Information Lifecycle Governance solution from IBM USA that is used to help attorneys, paralegals, and evidence supervisors rigorously and logically manage legal evidence retention workflows. An information disclosure vulnerability...
atlas-viagens.pt XSS vulnerability
Open Bug Bounty ID: OBB-448285 Description| Value ---|--- Affected Website:| atlas-viagens.pt Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
atlas-hallen.de XSS vulnerability
Open Bug Bounty ID: OBB-318283 Description| Value ---|--- Affected Website:| atlas-hallen.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
atlas-minerva.web.cern.ch XSS vulnerability
Vulnerable URL: https://atlas-minerva.web.cern.ch/atlas-minerva/index.php?lang=fr"es Details: Description| Value ---|--- Patched:| No Latest check for patch:| 24.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...
atlas-editions.de XSS vulnerability
Open Bug Bounty ID: OBB-299318 Description| Value ---|--- Affected Website:| atlas-editions.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Apache Atlas Detection (HTTP)
HTTP based detection of Apache Atlas. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.112030";...
Apache Atlas < 0.8 Access Vulnerability
Apache Atlas is prone to an access vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:atlas"; ifdescription...