Curam Social Program Management@6.0.3.0 Security Vulnerabilities and Issues — Curam Social Program Management@6.0.3.0 CVE List

Lucene search

IbmCuram Social Program Management6.0.3.0

3 matches found

CVE•added 2014/06/18 4:55 p.m.•34 views

CVE-2014-3013

Multiple cross-site scripting (XSS) vulnerabilities in IBM Curam Social Program Management 4.5 SP10 through 6.0.5.4 allow remote authenticated users to inject arbitrary web script or HTML via crafted input to a (1) custom JSP or (2) custom renderer.

3.5CVSS5.3AI score0.00188EPSS

CVE•added 2014/06/18 4:55 p.m.•33 views

CVE-2014-3012

Multiple CRLF injection vulnerabilities in IBM Curam Social Program Management 5.2 SP1 through 6.0.5.4 allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified parameters to custom JSPs.

3.5CVSS6.8AI score0.00173EPSS

CVE•added 2015/04/27 11:59 a.m.•29 views

CVE-2014-6090

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) DataMappingEditorCommands, (2) DatastoreEditorCommands, and (3) IEGEditorCommands servlets in IBM Curam Social Program Management (SPM) 5.2 SP6 before EP6, 6.0 SP2 before EP26, 6.0.3 before 6.0.3.0 iFix8, 6.0.4 before 6.0.4.5 iFi...

6.8CVSS6.7AI score0.00103EPSS