292 matches found
EUVD-2022-27464
Malicious code in bioql PyPI...
IBM Curam Social Program Management code issue vulnerability (CNVD-2022-54649)
IBM Curam Social Program Management is a business and technology solution from IBM that provides pre-built health and social program components, business processes, toolsets and interfaces on top of a dynamically configurable architecture. A code issue vulnerability exists in versions 8.0.0 and...
CVE-2022-22318
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...
CVE-2022-22317
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281...
CVE-2022-22317
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281...
CVE-2022-22318
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...
Code injection
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...
CVE-2022-22318
IBM Curam Social Program Management (Cúram SPM) versions 8.0.0–8.0.1 are affected by a session timeout issue where the system does not invalidate a user’s session after logout, enabling an authenticated user to impersonate another user. IBM’s Security Bulletin (CVE-2022-22318) states the vulnerab...
CVE-2022-22318
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...
CVE-2022-22317
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281...
CVE-2022-22317
CVE-2022-22317 affects IBM Cúram Social Program Management 8.0.0–8.0.1. A code issue causes the session not to be invalidated after logout, enabling an authenticated user to impersonate another user. Connected sources (CNVD-2022-54649, IBM bulletin) confirm the root cause and affected versions, a...
IBM Curam Social Program Management 代码问题漏洞
IBM Curam Social Program Management is an IBM business and technology solution that provides pre-built health and social program components, business processes, toolsets and interfaces on top of a dynamically configurable architecture. The vulnerability stems from the failure of the program to...
IBM Curam Social Program Management 代码问题漏洞
IBM Curam Social Program Management is a business and technology solution from IBM that provides pre-built health and social program components, business processes, toolsets and interfaces on top of a dynamically configurable architecture. A code issue vulnerability exists in versions 8.0.0 and...
CVE-2022-22317
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281...
CVE-2022-22318
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...
IBM Curam Social Program Management Cross-Site Scripting Vulnerability (CNVD-2022-46461)
IBM Curam Social Program Management is a business and technology solution from IBM that provides pre-built health and social program components, business processes, toolsets and interfaces on top of a dynamically configurable architecture. The vulnerability can be exploited by attackers to cause...
CVE-2021-39068
IBM Curam Social Program Management 8.0.1 and 7.0.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
CVE-2021-39068
IBM Curam Social Program Management 8.0.1 and 7.0.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
Cross site scripting
IBM Curam Social Program Management 8.0.1 and 7.0.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...
CVE-2021-39068
CVE-2021-39068 affects IBM Cúram Social Program Management versions 8.0.1 and 7.0.11. It is a cross-site scripting (XSS) vulnerability in the Web UI that allows embedding arbitrary JavaScript code, potentially altering functionality and leading to credentials disclosure within a trusted session. ...