CVE-2025-27367

CVE-2025-27367 affects IBM OpenPages with Watson versions 8.3 through 9.0. The issue is described as improper input validation where an authenticated user can bypass client-side validation for GRC Object fields and craft a payload that allows data to be saved without required fields being stored....

CVE-2023-35901

IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. IBM X-Force ID: 259380...

Security Bulletin: IBM Robotic Process Automation is vulnerable to client side validation bypass (CVE-2023-35901)

Summary IBM Robotic Process Automation is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. CVE-2023-35901 Vulnerability Details CVEID:CVE-2023-35901 DESCRIPTION: IBM Robotic Process Automation is vulnerable to client side validation bypass...

Input validation

IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951...

PT-2023-15023 · Ibm · Ibm Robotic Process Automation

Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation versions 21.0.0 through 21.0.7 IBM Robotic Process Automation version 23.0.0 Description: The issue concerns a client-side validation bypass for credential pools, which may result in the creation of invalid...

Tenable Nessus < 10.4.0 Multiple Vulnerabilities (TNS-2022-21)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

[R2] Nessus Version 10.4.0 Fixes Multiple Vulnerabilities

R2 Nessus Version 10.4.0 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 10/27/2022 - 10:48 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components select2.js, jQuery UI were found to contain vulnerabilities, and updated versions have...

Xero: stored xss issue in folder name on go.xero.com/Docs/Folders

A client-side validation bypass issue was reported, which allowed XSS characters to be used for naming folders in https://go.xero.com. This provided a XSS attack vector against users of an Organization. A malicious, authenticated insider within an organisation may have used this attack vector to...