Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IbmTririga Application Platform3.4.1.0

16 matches found

CVE
CVEadded 2017/07/21 8:29 p.m.50 views

CVE-2017-1371

Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access to. IBM X-Force ID: 126864.

8.8CVSS8.3AI score0.00459EPSS
CVE
CVEadded 2017/07/21 8:29 p.m.46 views

CVE-2017-1374

Sensitive data can be exposed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 that can lead to an attacker gaining unauthorized access to the system. IBM X-Force ID: 126867.

6.5CVSS6.2AI score0.00261EPSS
CVE
CVEadded 2017/12/07 3:29 p.m.46 views

CVE-2017-1465

IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the...

5.4CVSS5.4AI score0.0012EPSS
CVE
CVEadded 2017/07/21 8:29 p.m.45 views

CVE-2017-1372

IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.2AI score0.00198EPSS
CVE
CVEadded 2017/02/01 8:59 p.m.42 views

CVE-2016-6000

IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.8AI score0.00238EPSS
CVE
CVEadded 2015/01/29 1:59 a.m.41 views

CVE-2014-8895

IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via a crafted URL.

4.3CVSS6.7AI score0.0021EPSS
CVE
CVEadded 2017/02/01 8:59 p.m.41 views

CVE-2016-5980

IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00227EPSS
CVE
CVEadded 2017/07/21 8:29 p.m.41 views

CVE-2017-1373

Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute a report they do not have access to. IBM X-Force ID: 126866.

8.8CVSS8.3AI score0.00598EPSS
CVE
CVEadded 2016/07/02 2:59 p.m.40 views

CVE-2016-0387

Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-2883.

5.4CVSS4.9AI score0.00168EPSS
CVE
CVEadded 2017/03/31 6:59 p.m.40 views

CVE-2017-1171

The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a vulnerability that could allow an authenticated user to execute Application actions they do not have access to. IBM Reference #: 2001083.

4.3CVSS4.6AI score0.0019EPSS
CVE
CVEadded 2016/07/01 1:59 a.m.39 views

CVE-2016-0362

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet or Internet hosts, via a crafted proxy request to a web service.

7.7CVSS7.1AI score0.00138EPSS
CVE
CVEadded 2016/07/01 1:59 a.m.39 views

CVE-2016-0374

The builder tools in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allow remote authenticated users to gain privileges for application modification via unspecified vectors.

8.8CVSS8.3AI score0.00599EPSS
CVE
CVEadded 2017/03/27 10:59 p.m.39 views

CVE-2016-9737

IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1996200.

5.4CVSS5.2AI score0.00227EPSS
CVE
CVEadded 2017/03/27 10:59 p.m.37 views

CVE-2017-1153

IBM TRIRIGA Report Manager 3.2 through 3.5 contains a vulnerability that could allow an authenticated user to execute actions that they do not have access to. IBM Reference #: 1999563.

8.8CVSS8.5AI score0.00528EPSS
CVE
CVEadded 2015/01/29 1:59 a.m.33 views

CVE-2014-8893

Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.jsp and (2) GetImageServlet.img in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00188EPSS
CVE
CVEadded 2015/01/29 1:59 a.m.32 views

CVE-2014-8894

Open redirect vulnerability in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the out parameter.

4.9CVSS6.3AI score0.0018EPSS