Campaign@9.1.2 Security Vulnerabilities and Issues — Campaign@9.1.2 CVE List

Lucene search

IbmCampaign9.1.2

5 matches found

CVE•added 2018/09/07 4:0 p.m.•40 views

CVE-2017-1114

IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121152.

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2018/04/27 3:29 p.m.•34 views

CVE-2017-1116

IBM Campaign 8.6, 9.0, 9.1, 9.1.1, 9.1.2, and 10.0 contains excessive details on the client side which could provide information useful for an authenticated user to conduct other attacks. IBM X-Force ID: 121154.

4.3CVSS4.3AI score0.00212EPSS

CVE•added 2018/09/07 4:0 p.m.•32 views

CVE-2017-1115

IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 121153.

5.4CVSS5.6AI score0.00092EPSS

CVE•added 2018/11/09 1:29 a.m.•29 views

CVE-2016-9749

IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206.

4CVSS3.9AI score0.00043EPSS

CVE•added 2018/12/05 5:29 p.m.•29 views

CVE-2018-1941

IBM Campaign 9.1.0 and 9.1.2 could allow a local user to obtain admini privileges due to the application not validating access permissions. IBM X-Force ID: 153382.

8.4CVSS7.1AI score0.00027EPSS