Financial Transaction Manager@3.0.2 Security Vulnerabilities and Issues — Financial Transaction Manager@3.0.2 CVE List

Lucene search

IbmFinancial Transaction Manager3.0.2

8 matches found

CVE•added 2021/06/15 8:15 p.m.•43 views

CVE-2020-5000

IBM Financial Transaction Manager 3.2.0 through 3.2.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ...

5.4CVSS5.4AI score0.00259EPSS

CVE•added 2018/02/21 9:29 p.m.•41 views

CVE-2017-1758

IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4, and 3.1.0, IBM Transformation Extender Advanced 9.0) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. ...

7.1CVSS6.8AI score0.00481EPSS

CVE•added 2018/10/04 3:0 p.m.•40 views

CVE-2018-1819

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database....

8.8CVSS8.7AI score0.00481EPSS

CVE•added 2018/12/06 2:29 p.m.•36 views

CVE-2018-1871

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl...

5.4CVSS5.2AI score0.00161EPSS

CVE•added 2018/03/30 4:29 p.m.•35 views

CVE-2018-1390

IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclos...

5.4CVSS5.2AI score0.00216EPSS

CVE•added 2020/12/21 6:15 p.m.•35 views

CVE-2020-4555

IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 183328.

6.3CVSS5.1AI score0.0026EPSS

CVE•added 2018/10/04 3:0 p.m.•34 views

CVE-2018-1670

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946.

4.3CVSS4.1AI score0.00221EPSS

CVE•added 2019/05/10 3:29 p.m.•33 views

CVE-2018-1790

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 148944.

8.8CVSS8.4AI score0.00094EPSS