Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6096 | 1 Ibm | 1 Security Identity Manager | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2017-14126 | 1 Xnau | 1 Participants Database | 2017-09-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Participants Database plugin before 1.7.5.10 for WordPress has XSS. | |||||
| CVE-2014-6091 | 1 Ibm | 1 Curam Social Program Management | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management (SPM) 6.0.4 before 6.0.4.5 iFix7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-9505 | 1 School Administration Project | 1 School Administration | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the School Administration module 7.x-1.x before 7.x-1.8 for Drupal allows remote authenticated users with permission to create or edit a class node to inject arbitrary web script or HTML via a node title. | |||||
| CVE-2014-6145 | 1 Ibm | 1 Cognos Business Intelligence | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence 10.1 before IF10, 10.1.1 before IF9, 10.2 before IF11, 10.2.1 before IF8, and 10.2.1.1 before IF7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-6126 | 1 Ibm | 1 Websphere Portal | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-6113 | 1 Ibm | 1 Tivoli Endpoint Manager | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Web Reports component in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-6101 | 1 Ibm | 1 Business Process Manager | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the redirect-login feature in IBM Business Process Manager (BPM) Advanced 7.5 through 8.5.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-6180 | 1 Ibm | 1 Websphere Service Registry And Repository | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the HTTP User-Agent header. | |||||
| CVE-2014-100017 | 1 Phponlinechat | 1 Phponlinechat | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in canned_opr.php in PhpOnlineChat 3.0 allows remote attackers to inject arbitrary web script or HTML via the message field. | |||||
| CVE-2014-6121 | 1 Ibm | 2 Security Appscan, Security Appscan Source | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-6132 | 1 Ibm | 1 Websphere Service Registry And Repository | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-6137 | 1 Ibm | 1 Tivoli Endpoint Manager | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-6150 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-6152 | 1 Ibm | 1 Tivoli Integrated Portal | 2017-09-07 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-6163 | 1 Ibm | 1 Websphere Datapower Xc10 Appliance Firmware | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-6167 | 1 Ibm | 1 Websphere Application Server | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the URL rewriting feature in IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-6171 | 1 Ibm | 1 Websphere Portal | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF04 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-6173 | 1 Ibm | 1 Business Process Manager | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Process Inspector in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-100034 | 1 Licensepal | 1 Arcticdesk | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the frontend interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||