Powersc Security Vulnerabilities and Issues — Powersc CVE List

Lucene search

IbmPowersc

4 matches found

CVE•added 2024/02/02 2:15 a.m.•36 views

CVE-2023-50941

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131.

6.3CVSS5.4AI score0.0003EPSS

CVE•added 2024/02/02 1:15 a.m.•34 views

CVE-2023-50933

IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113.

6.1CVSS6.3AI score0.00046EPSS

CVE•added 2024/02/02 2:15 a.m.•34 views

CVE-2023-50938

IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the vict...

6.5CVSS4.5AI score0.0003EPSS

CVE•added 2024/02/02 2:15 a.m.•33 views

CVE-2023-50935

IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote attacker to obtain unauthorized access to application functionality and/or resources. IBM X-Force ID: 275115.

6.5CVSS6.2AI score0.00043EPSS