Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Rational Publishing Engine Security Vulnerabilities - CVSS Score 5 - 6

cve
cve

CVE-2016-2912

Cross-site scripting (XSS) vulnerability in the Document Builder in IBM Rational Publishing Engine (aka RPENG) 2.0.1 before ifix002 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

5.4CVSS

4.9AI Score

0.001EPSS

2016-08-08 01:59 AM
20
cve
cve

CVE-2016-2914

Unrestricted file upload vulnerability in the Document Builder in IBM Rational Publishing Engine (aka RPENG) 2.0.1 before ifix002 allows remote authenticated users to execute arbitrary code by specifying an unexpected file extension.

5.4CVSS

5.8AI Score

0.001EPSS

2016-08-08 01:59 AM
23
cve
cve

CVE-2018-1533

IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142...

5.4CVSS

5.2AI Score

0.0005EPSS

2018-10-12 12:00 PM
23
cve
cve

CVE-2018-1534

IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142...

5.4CVSS

5.2AI Score

0.0005EPSS

2018-10-12 12:00 PM
18
cve
cve

CVE-2018-1657

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 1448...

5.4CVSS

5.2AI Score

0.001EPSS

2019-01-04 03:29 PM
22
cve
cve

CVE-2018-1951

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1534...

5.4CVSS

5.2AI Score

0.001EPSS

2019-01-04 03:29 PM
27
cve
cve

CVE-2019-4431

IBM Rational Publishing Engine 6.0.6 and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1...

5.4CVSS

5.4AI Score

0.001EPSS

2020-02-12 04:15 PM
27