Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Mashups Center
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7400 1 Ibm 1 Mashups Center 2016-12-02 6.8 MEDIUM 7.7 HIGH
The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2015-7407 1 Ibm 1 Mashups Center 2016-11-28 6.8 MEDIUM 8.8 HIGH
Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.