Security Bulletin: IBM Kenexa LCMS Premier on Cloud is affected by a SQL Injection via External Service Interaction

Summary IBM Kenexa LCMS Premier on Cloud has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2017-1797 DESCRIPTION: IBM LCMS Premier on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to...

IBM Kenexa LCMS Premier on Cloud Information Disclosure Vulnerability (CNVD-2017-04799)

IBM Kenexa LCMS Premier on Cloud is an adjustable Learning Content Management System LCMS for developing, maintaining, and delivering effective employee training from IBM USA. A security vulnerability exists in IBM Kenexa LCMS Premier on Cloud that stems from the program failing to set a security...

CVE-2016-5952

IBM Kenexa LCMS Premier on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...

Cross site request forgery (csrf)

IBM Kenexa LCMS Premier on Cloud could allow an authenticated user to obtain sensitive user data with a specially crafted HTTP request...