3 matches found
CVE-2015-4939
CVE-2015-4939 is an XSS vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management. Affected are IBM Emptoris products on 10.x releases prior to: 10.0.1.4_iFix3, 10.0.2.x before 10.0.2.7_iFix1, 10.0.3.x before 10.0.3.2, and 10.0.4.x before 10.0.4.0_iFix1. The flaw...
CVE-2014-6212
The CVE-2014-6212 issue is an XML External Entity (XXE) vulnerability in IBM Emptoris family products (Contract Management, Sourcing, Program Management/SSMP). The Echo API across multiple versions (Contract Management 9.5.x up to 9.5.0.6 iFix11; 10.0.0.x up to 10.0.0.1 iFix12; 10.0.1.x up to 10....
CVE-2015-4971
IBM Emptoris Strategic Supply Management Platform and Emptoris Program Management are vulnerable to cross-site scripting (XSS) via crafted URLs. The CVE-2015-4971 issue affects 10.x lines (e.g., 10.0.1.4_iFix3, 10.0.2.x before 10.0.2.7_iFix1, 10.0.3.x before 10.0.3.2, 10.0.4.x before 10.0.4.0_iFi...