Lucene search
K
IbmEmptoris Supplier Lifecycle Management

5 matches found

CVE
CVE
added 2017/08/09 6:0 p.m.60 views

CVE-2017-1448

CVE-2017-1448 affects IBM Emptoris Supplier Lifecycle Management 10.0.x–10.1.x. The vulnerability is an open redirect that could be exploited by an attacker to spoof the displayed URL and redirect victims to a malicious site, enabling phishing and potential data exposure. IBM security bulletin de...

5.4CVSS5.4AI score0.00686EPSS
CVE
CVE
added 2017/08/09 6:0 p.m.50 views

CVE-2016-8949

CVE-2016-8949 affects IBM Emptoris Supplier Lifecycle Management 10.0.x–10.1.1.x. A remote attacker could exploit an open redirect to spoof the URL and lure victims to a malicious site, enabling phishing and potential data exposure. IBM’s Security Bulletin for Emptoris SLM documents the vulnerabi...

5.4CVSS5.4AI score0.00694EPSS
CVE
CVE
added 2017/09/07 4:0 p.m.48 views

CVE-2017-1098

CVE-2017-1098 affects IBM Emptoris Supplier Lifecycle Management, specifically the 10.1.0.x line. The connected documents confirm a cross-site scripting vulnerability in the Web UI that could enable an attacker to inject arbitrary JavaScript, potentially altering functionality and leading to cred...

5.4CVSS5.6AI score0.0054EPSS
CVE
CVE
added 2015/10/05 10:0 a.m.47 views

CVE-2015-4939

CVE-2015-4939 is an XSS vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management. Affected are IBM Emptoris products on 10.x releases prior to: 10.0.1.4_iFix3, 10.0.2.x before 10.0.2.7_iFix1, 10.0.3.x before 10.0.3.2, and 10.0.4.x before 10.0.4.0_iFix1. The flaw...

4.3CVSS7.4AI score0.00961EPSS
CVE
CVE
added 2017/08/09 6:0 p.m.46 views

CVE-2016-6121

Summary of technical details (CVE-2016-6121) : IBM Emptoris Supplier Lifecycle Management (SLM) versions 10.0.x–10.1.x are vulnerable to cross-site scripting (stored/reflected in the Web UI), enabling an attacker to inject arbitrary JavaScript and potentially disclose credentials within a trusted...

5.4CVSS5.3AI score0.00729EPSS