EUVD-2021-16386

Malware in sbrugna...

EUVD-2021-25348

Malware in sbrugna...

CVE-2021-38911

IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user. IBM X-Force ID: 209940...

CVE-2021-29912

IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828...

Cross site scripting

IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828...

CVE-2021-38911

IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user. IBM X-Force ID: 209940...

CVE-2021-29912

IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828...

Ibm Security Risk Manager on Cp4S 跨站脚本漏洞

Ibm Security Risk Manager on Cp4S is a security risk manager from Ibm USA. A security vulnerability exists in Ibm Security Risk Manager on Cp4S, which stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

Ibm Security Risk Manager on Cp4S 安全漏洞

Ibm Security Risk Manager on Cp4S is a security risk manager from Ibm USA. A security vulnerability exists in Ibm Security Risk Manager on Cp4S, which stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

Security Bulletin: IBM Security Risk Manager on CP4S is affected by multiple vulnerabilities (CVE-2020-15168, CVE-2021-29912)

Summary IBM Security Risk Manager on CP4S has addressed the following vulnerabilities: Vulnerability Details CVEID: CVE-2021-29912 DESCRIPTION: IBM Cloud Pak - Risk Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...

Security Bulletin: IBM Security Risk Manager on CP4S is affected by multiple vulnerabilities

Summary IBM Security Risk Manager on CP4S has addressed the following vulnerabilities: Vulnerability Details CVEID: CVE-2020-5421 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to bypass security restrictions, caused by improper input validation. By using a...