IBM API Connect Information Disclosure Vulnerability (CNVD-2019-31124)

IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. An information disclosure vulnerability exists in IBM API Connect versions 2018.1 through...

CVE-2018-2015

IBM API Connect 2018.1 and 2018.4.1.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks agains...

IBM API Connect Information Disclosure Vulnerability (CNVD-2019-07362)

IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. An information disclosure vulnerability exists in the consumer API in IBM API Connect versions...

Security Bulletin: IBM API Connect is vulnerable to CSV Injection (CVE-2018-1774)

Summary IBM API Connect has addressed the following vulnerability. IBM API Connect is vulnerable to CSV Injection via the Developer Portal and analytics that could contain malicious commands that would be executed once opened by an administrator. Vulnerability Details CVEID: CVE-2018-1774...

Security Bulletin: IBM API Connect is affected by multiple vulnerabilities in Drupal (CVE-2018-7603)

Summary API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-7603 DESCRIPTION: The Search Autocomplete for Drupal is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerabili...