CVE-2020-4600

IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184832...

IBM Engineering Workflow Management Information Disclosure Vulnerability

IBM Engineering Workflow Management EWM is a team collaboration tool that integrates a variety of development tasks, including iteration planning, process definition, change management, defect tracking, source code control, build automation, and reporting. An information disclosure vulnerability...

CVE-2020-4476

IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID:...

CVE-2020-4483

IBM UrbanCode Deploy UCD 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181857...

NoScript Cross Site Scripting Via SQL Injection

Hi List NoScript fails to detect the reflective XSS from trusted domains when an attack is conducted through SQLXSSI. The bypass in NoScript has been successfully conducted by using "Reflective XSS" through Union SQL poisoning attacks by exploiting the reverted errors in the browser. The attack...