Lucene search
K
IbmForms Experience Builder

5 matches found

CVE
CVE
added 2016/09/01 1:0 a.m.43 views

CVE-2016-0370

IBM Forms Experience Builder 8.5, 8.5.1 and 8.6 are affected by a cross-site scripting (XSS) vulnerability that can be triggered by crafted input in applications built with the product. The root cause is input not being adequately filtered, allowing an attacker with administrator access to cause ...

3.5CVSS3.4AI score0.00913EPSS
CVE
CVE
added 2018/04/12 9:0 p.m.41 views

CVE-2014-6169

CVE-2014-6169 affects IBM Forms Experience Builder 8.5.0 and 8.5.1. The issue is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The connected sources confirm the affected product versions and the XSS nature b...

5.4CVSS5AI score0.00678EPSS
CVE
CVE
added 2016/11/30 8:0 p.m.41 views

CVE-2016-2884

IBM Forms Experience Builder is vulnerable to cross-site request forgery when configured with non-default settings. The issue arises from improper validation of user-supplied input, enabling a remote attacker to craft requests authenticated as the user and potentially insert XSS sequences. Affect...

8CVSS7.5AI score0.00478EPSS
CVE
CVE
added 2017/02/01 10:0 p.m.41 views

CVE-2016-6001

IBM Forms Experience Builder is affected by CVE-2016-6001 (SSRF) in versions 8.5, 8.5.1, and 8.6. The vulnerability arises from server-side requests initiated from the application design interface, allowing information disclosure of internal resources. Remediation is available: upgrade to IBM For...

3.5CVSS3.7AI score0.00554EPSS
CVE
CVE
added 2018/02/21 4:0 p.m.40 views

CVE-2016-0369

IBM Forms Experience Builder versions 8.5, 8.5.1 and 8.6 are affected by an XML External Entity (XXE) processing vulnerability. The root cause is XXE when processing XML data, which could allow a remote authenticated attacker to obtain sensitive information. The CVSS v3 base score is 2.7 (LOW). R...

4CVSS3.1AI score0.01004EPSS