46 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
Design/Logic Flaw
IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...
CVE-2015-5022
Summary of details (CVE-2015-5022): IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2 have an information-disclosure vulnerability when guest access is enabled. The affected component places an internal hostname and a...
CVE-2015-4973
Summary: CVE-2015-4973 is an XSS vulnerability affecting IBM’s Multi-Enterprise Integration Gateway (1.x up to 1.0.0.1) and B2B Advanced Communications (1.0.0.2/1.0.0.3) that allows remote attackers to insert arbitrary script/HTML via a crafted URL. Affected components: IBM Multi-Enterprise Integ...
CVE-2015-4973
Cross-site scripting XSS vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2015-5022
IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...