) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): java
- Search Type: Search All
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-8920 |
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:02 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6125 |
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:02 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6123 |
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:02 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6113 |
IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:02 PM -0500 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-6072 |
IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:02 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6061 |
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:02 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6054 |
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:02 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6047 |
IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:02 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6046 |
IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:01 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6039 |
IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:01 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6030 |
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:01 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-6000 |
IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:01 PM -0500 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-5980 |
IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:01 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-5951 |
IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:01 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-5948 |
IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:01 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-5899 |
IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:01 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-5884 |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:00 PM -0500 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-5882 |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:00 PM -0500 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-5880 |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:00 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2016-3018 |
IBM Security Access Manager for Web is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: February 01, 2017; 3:59:00 PM -0500 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |