Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-29735: Security Bulletin: IBM Security Guardium is affected by a Cross-Site Scripting in Guardium STAP vulnerability

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE
Open in Source
#vulnerability#web#java

Related news

CVE-2021-29912: IBM Security Risk Manager on CP4S cross-site scripting CVE-2021-29912 Vulnerability Report

IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828.

CVE-2021-29912: IBM X-Force Exchange

IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828.

CVE-2021-20561: IBM Sterling File Gateway cross-site scripting CVE-2021-20561 Vulnerability Report

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199230.

CVE-2021-20481: Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Sterling File Gateway (CVE-2021-20481)

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197503.

CVE-2021-29855: IBM Sterling B2B Integrator Standard Edition cross-site scripting CVE-2021-29855 Vulnerability Report

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205684.

CVE-2021-29764: IBM Sterling B2B Integrator Standard Edition cross-site scripting CVE-2021-29764 Vulnerability Report

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 202268.

CVE-2021-29836: Security Bulletin: Cross-Site Scripting Vulnerablity Affects the Dashboad UI of IBM Sterling B2B Integrator (CVE-2021-29836)

IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204912.

CVE-2021-20554: IBM Sterling Order Management cross-site scripting CVE-2021-20554 Vulnerability Report

IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199179.

CVE-2021-20554: IBM X-Force Exchange

IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199179.

CVE-2021-20484: Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Sterling File Gateway (CVE-2021-20484)

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197666.

CVE-2021-20484: Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Sterling File Gateway (CVE-2021-20484)

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197666.

CVE-2020-4690: Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2021-20377, CVE-2020-4690)

IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 186697.

CVE-2020-4690: Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2021-20377, CVE-2020-4690)

IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 186697.

CVE-2021-20562: Security Bulletin: XSS Security Vulnerabilty Affects Mailbox UI of IBM Sterling B2B Integrator (CVE-2021-20562)

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199232.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE