IBM Curam Social Program Management 跨站脚本漏洞

IBM Curam Social Program Management is a business and technology solution from IBM that provides pre-built health and social program components, business processes, toolsets and interfaces on top of a dynamically configurable architecture. The vulnerability can be exploited by attackers to cause...

CVE-2020-4779

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...

CVE-2020-4776

A path traversal vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted file path in URL request to view arbitrary files on the system. IBM X-Force ID:...

CVE-2018-1671

IBM Curam Social Program Management 7.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-force ID: 144951...

CVE-2016-0261

Cross-site scripting XSS vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web scri...

IBM Curam Social Program Management Cross-Site Scripting Vulnerability (CNVD-2017-16024)

IBM Curam Social Program Management is a suite of social program management solutions from IBM in the United States that support the end-to-end social program delivery process. A cross-site scripting vulnerability exists in IBM Curam Social Program Management, which can be exploited by an attacke...