8110 matches found
IBM Engineering Workflow Management Cross-Site Scripting Vulnerability (CNVD-2021-03014)
IBM Engineering Workflow Management EWM is a team collaboration tool that integrates a variety of development tasks, including iteration planning, process definition, change management, defect tracking, source code control, build automation, and reporting. A cross-site scripting vulnerability...
CVE-2020-4733
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127...
DEBIAN-CVE-2020-16024
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
UBUNTU-CVE-2021-21111
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...
IBM Jazz Foundation 跨站脚本漏洞
IBM Engineering Workflow Management EWM is a team collaboration tool that integrates a variety of development tasks, including iteration planning, process definition, change management, defect tracking, source code control, build automation, and reporting. A cross-site scripting vulnerability...
IBM Engineering Requirements Quality Assistant 跨站脚本漏洞
IBM Engineering Requirements Quality Assistant uses AI to help you improve requirements quality from the authoring source. A cross-site scripting vulnerability exists in IBM Engineering Requirements Quality Assistant. An attacker could exploit the vulnerability to embed arbitrary JavaScript code ...
CVE-2020-4895
IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...
CVE-2020-4892
IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190979...
IBM Cloud Pak System Cross-Site Scripting Vulnerability (CNVD-2021-00890)
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site scripting vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI that could...
IBM Cloud Pak System Cross-Site Scripting Vulnerability (CNVD-2021-00889)
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site scripting vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI that could...
IBM Cloud Pak System Cross-Site Scripting Vulnerability (CNVD-2021-00888)
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site scripting vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI that could...
CVE-2020-4910
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274...
CVE-2020-4909
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191273...
CVE-2020-4916
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390...
IBM Cloud Pak System 跨站脚本漏洞
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site scripting vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI that could...
FortiWeb is vulnerable to a blind SQL injection
A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement...
CVE-2020-4916
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390...
CVE-2020-4909
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191273...
CVE-2020-4910
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274...
CVE-2020-4757
IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...