Total
41201 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4303 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 6.1 Medium |
| IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176668. | ||||
| CVE-2020-4298 | 1 Ibm | 2 Infosphere Information Server, Infosphere Information Server On Cloud | 2024-11-21 | 5.4 Medium |
| IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176475. | ||||
| CVE-2020-4297 | 1 Ibm | 2 Doors Next, Rational Doors Next Generation | 2024-11-21 | 5.4 Medium |
| IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176474. | ||||
| CVE-2020-4295 | 1 Ibm | 2 Doors Next, Rational Doors Next Generation | 2024-11-21 | 5.4 Medium |
| IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176408. | ||||
| CVE-2020-4281 | 1 Ibm | 2 Doors Next, Rational Doors Next Generation | 2024-11-21 | 5.4 Medium |
| IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176141. | ||||
| CVE-2020-4268 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 5.4 Medium |
| IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-ForceID: 175841. | ||||
| CVE-2020-4252 | 1 Ibm | 2 Doors Next Generation, Rational Doors Next Generation | 2024-11-21 | 5.4 Medium |
| IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175490. | ||||
| CVE-2020-4251 | 1 Ibm | 1 Api Connect | 2024-11-21 | 5.4 Medium |
| IBM API Connect 5.0.0.0 through 5.0.8.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175489. | ||||
| CVE-2020-4235 | 1 Ibm | 1 Tivoli Netcool\/impact | 2024-11-21 | 5.4 Medium |
| IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175408. | ||||
| CVE-2020-4223 | 1 Ibm | 1 Maximo Asset Management | 2024-11-21 | 5.4 Medium |
| IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175121. | ||||
| CVE-2020-4198 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-11-21 | 5.4 Medium |
| IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174909. | ||||
| CVE-2020-4196 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-11-21 | 5.4 Medium |
| IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174907. | ||||
| CVE-2020-4183 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-11-21 | 6.1 Medium |
| IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174739. | ||||
| CVE-2020-4182 | 1 Ibm | 1 Security Guardium | 2024-11-21 | 6.1 Medium |
| IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174738. | ||||
| CVE-2020-4162 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.4 Medium |
| IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174342. | ||||
| CVE-2020-4153 | 1 Ibm | 1 Qradar Network Security | 2024-11-21 | 5.4 Medium |
| IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174269. | ||||
| CVE-2020-4140 | 1 Ibm | 1 Security Siteprotector System | 2024-11-21 | 5.4 Medium |
| IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174052. | ||||
| CVE-2020-4104 | 1 Hcltech | 1 Bigfix Webui | 2024-11-21 | 5.4 Medium |
| HCL BigFix WebUI is vulnerable to stored cross-site scripting (XSS) within the Apps->Software module. An attacker can use XSS to send a malicious script to an unsuspecting user. This affects all versions prior to latest releases as specified in https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080855&sys_kb_id=971d99ed1b8ed01c086dcbfc0a4bcb6a. | ||||
| CVE-2020-4084 | 1 Hcltech | 1 Connections | 2024-11-21 | 5.4 Medium |
| HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2020-4082 | 1 Hcltech | 1 Connections | 2024-11-21 | 5.4 Medium |
| The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. | ||||