CVEs from 2016
Total
8,452
critical
critical 1,165
high
high 3,521
medium
medium 3,172
low
low 248
% Critical
13.8%
% with KEV
0.7%
% with exploit
6.8%
Top vendors
Top products
- phpmyadmin 3,382
- php 1,748
- squid 1,549
- samba 1,093
- drupal 868
- firefox 757
- moodle 700
- openssl 664
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-2979 | medium | 5.4 | 5.4 | 9y ago | IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functional… | |||
| CVE-2016-2973 | medium | 5.4 | 5.4 | 9y ago | IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functional… | |||
| CVE-2016-9732 | medium | 5.4 | 5.4 | 9y ago | IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the int… | |||
| CVE-2016-6021 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering t… | |||
| CVE-2016-8949 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-craf… | |||
| CVE-2016-6121 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the … | |||
| CVE-2016-9718 | medium | 5.4 | 5.4 | 9y ago | IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the We… | |||
| CVE-2016-9715 | medium | 5.4 | 5.4 | 9y ago | IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI t… | |||
| CVE-2016-8975 | medium | 5.4 | 5.4 | 9y ago | IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall… | |||
| CVE-2016-6118 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended … | |||
| CVE-2016-7509 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to inject arbitrary web script or HTML by attaching a crafted HTML file to a ticket. | |||
| CVE-2016-8952 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu… | |||
| CVE-2016-6019 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu… | |||
| CVE-2016-8953 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a re… | |||
| CVE-2016-8950 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona… | |||
| CVE-2016-8948 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona… | |||
| CVE-2016-8946 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona… | |||
| CVE-2016-6114 | medium | 5.4 | 5.4 | 9y ago | IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona… | |||
| CVE-2016-9989 | medium | 5.4 | 5.4 | 9y ago | IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the inten… | |||
| CVE-2016-9988 | medium | 5.4 | 5.4 | 9y ago | IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the inten… | |||
| CVE-2016-9987 | medium | 5.4 | 5.4 | 9y ago | IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the inten… | |||
| CVE-2016-9986 | medium | 5.4 | 5.4 | 9y ago | IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the inten… | |||
| CVE-2016-9746 | medium | 5.4 | 5.4 | 9y ago | IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit… | |||
| CVE-2016-9733 | medium | 5.4 | 5.4 | 9y ago | IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit… | |||
| CVE-2016-9701 | medium | 5.4 | 5.4 | 9y ago | IBM Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote… | |||
| CVE-2016-9747 | medium | 5.4 | 5.4 | 9y ago | IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially … | |||
| CVE-2016-9973 | medium | 5.4 | 5.4 | 9y ago | IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin… | |||
| CVE-2016-7469 | medium | 5.4 | 5.4 | 9y ago | A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,… | |||
| CVE-2016-4883 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2016-4880 | medium | 5.4 | 5.4 | 9y ago | baserCMS Cross-site Scripting vulnerability | |||
| CVE-2016-4877 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2016-6035 | medium | 5.4 | 5.4 | 9y ago | IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential… | |||
| CVE-2016-5888 | medium | 5.4 | 5.4 | 9y ago | IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p… | |||
| CVE-2016-3032 | medium | 5.4 | 5.4 | 9y ago | IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially … | |||
| CVE-2016-6519 | medium | 5.4 | 5.4 | 9y ago | Openstack Manila Persistent XSS in Metadata field | |||
| CVE-2016-9980 | medium | 5.4 | 5.4 | 9y ago | IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende… | |||
| CVE-2016-9979 | medium | 5.4 | 5.4 | 9y ago | IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende… | |||
| CVE-2016-3038 | medium | 5.4 | 5.4 | 9y ago | IBM Cognos TM1 10.1 and 10.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential… | |||
| CVE-2016-0228 | medium | 5.4 | 5.4 | 9y ago | IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to red… | |||
| CVE-2016-4870 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function. | |||
| CVE-2016-4888 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ServiceDesk Plus before 9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2016-8927 | medium | 5.4 | 5.4 | 9y ago | IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering… | |||
| CVE-2016-5642 | medium | 5.4 | 5.4 | 9y ago | Opmantek NMIS before 8.5.12G has XSS via SNMP. | |||
| CVE-2016-4317 | medium | 5.4 | 5.4 | 9y ago | Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page. | |||
| CVE-2016-3031 | medium | 5.4 | 5.4 | 9y ago | IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially … | |||
| CVE-2016-3015 | medium | 5.4 | 5.4 | 9y ago | IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially … | |||
| CVE-2016-8935 | medium | 5.4 | 5.4 | 9y ago | IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt… | |||
| CVE-2016-6036 | medium | 5.4 | 5.4 | 9y ago | IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende… | |||
| CVE-2016-6031 | medium | 5.4 | 5.4 | 9y ago | IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended func… | |||
| CVE-2016-6022 | medium | 5.4 | 5.4 | 9y ago | IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio… | |||
| CVE-2016-9472 | medium | 5.4 | 5.4 | 9y ago | Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected XSS. The Revive Adserver web installer scripts were vulnerable to a reflected XSS attack via the dbHost, dbUser, and possibly other param… | |||
| CVE-2016-9465 | medium | 5.4 | 5.4 | 9y ago | Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud all… | |||
| CVE-2016-9457 | medium | 5.4 | 5.4 | 9y ago | Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed… | |||
| CVE-2016-9454 | medium | 5.4 | 5.4 | 9y ago | Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The banner image … | |||
| CVE-2016-9130 | medium | 5.4 | 5.4 | 9y ago | Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The website name … | |||
| CVE-2016-9128 | medium | 5.4 | 5.4 | 9y ago | Revive Adserver before 3.2.3 suffers from reflected XSS. The affiliate-preview.php script in www/admin is vulnerable to a reflected XSS attack. This vulnerability could be used by an attacker to stea… | |||
| CVE-2016-9126 | medium | 5.4 | 5.4 | 9y ago | Revive Adserver before 3.2.3 suffers from persistent XSS. Usernames are not properly escaped when displayed in the audit trail widget of the dashboard upon login, allowing persistent XSS attacks. An … | |||
| CVE-2016-9737 | medium | 5.4 | 5.4 | 9y ago | IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentia… | |||
| CVE-2016-6056 | medium | 5.4 | 5.4 | 9y ago | IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali… | |||
| CVE-2016-9696 | medium | 5.4 | 5.4 | 9y ago | IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the secu… | |||
| CVE-2016-9694 | medium | 5.4 | 5.4 | 9y ago | IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote… | |||
| CVE-2016-9006 | medium | 5.4 | 5.4 | 9y ago | IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… | |||
| CVE-2016-5932 | medium | 5.4 | 5.4 | 9y ago | IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality… | |||
| CVE-2016-9261 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in Tenable Log Correlation Engine (aka LCE) before 4.8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2016-9259 | medium | 5.4 | 5.4 | 9y ago | Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2016-6055 | medium | 5.4 | 5.4 | 9y ago | IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended… | |||
| CVE-2016-8968 | medium | 5.4 | 5.4 | 9y ago | IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin… | |||
| CVE-2016-10223 | medium | 5.4 | 5.4 | 9y ago | An issue was discovered in BigTree CMS before 4.2.15. The vulnerability exists due to insufficient filtration of user-supplied data in the "id" HTTP GET parameter passed to the "core/admin/adjax/dash… | |||
| CVE-2016-3101 | medium | 5.4 | 5.4 | 9y ago | Jenkins Extra Columns Plugin allows Cross-Site Scripting (XSS) | |||
| CVE-2016-0310 | medium | 5.4 | 5.4 | 9y ago | IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. | |||
| CVE-2016-0305 | medium | 5.4 | 5.4 | 9y ago | IBM Connections is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execut… | |||
| CVE-2016-6032 | medium | 5.4 | 5.4 | 9y ago | IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona… | |||
| CVE-2016-1566 | medium | 5.4 | 5.4 | 10y ago | Cross-site scripting (XSS) vulnerability in the file browser in Guacamole 0.9.8 and 0.9.9, when file transfer is enabled to a location shared by multiple users, allows remote authenticated users to i… | |||
| CVE-2016-8999 | medium | 5.4 | 5.4 | 10y ago | IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks mode thereby facilitating an attacker to inject malicious C… | |||
| CVE-2016-8929 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the… | |||
| CVE-2016-5942 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially le… | |||
| CVE-2016-5940 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially le… | |||
| CVE-2016-2992 | medium | 5.4 | 5.4 | 10y ago | IBM Infosphere BigInsights is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially… | |||
| CVE-2016-2924 | medium | 5.4 | 5.4 | 10y ago | IBM Infosphere BigInsights is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted UR… | |||
| CVE-2016-0218 | medium | 5.4 | 5.4 | 10y ago | IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerabi… | |||
| CVE-2016-0217 | medium | 5.4 | 5.4 | 10y ago | IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vul… | |||
| CVE-2016-9731 | medium | 5.4 | 5.4 | 10y ago | IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential… | |||
| CVE-2016-8943 | medium | 5.4 | 5.4 | 10y ago | IBM Tivoli Storage Productivity Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality… | |||
| CVE-2016-8934 | medium | 5.4 | 5.4 | 10y ago | IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… | |||
| CVE-2016-8920 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended funct… | |||
| CVE-2016-8911 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could… | |||
| CVE-2016-6125 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended funct… | |||
| CVE-2016-6123 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended funct… | |||
| CVE-2016-6072 | medium | 5.4 | 5.4 | 10y ago | IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall… | |||
| CVE-2016-6061 | medium | 5.4 | 5.4 | 10y ago | IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin… | |||
| CVE-2016-6054 | medium | 5.4 | 5.4 | 10y ago | IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin… | |||
| CVE-2016-6047 | medium | 5.4 | 5.4 | 10y ago | IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… | |||
| CVE-2016-6046 | medium | 5.4 | 5.4 | 10y ago | IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio… | |||
| CVE-2016-6039 | medium | 5.4 | 5.4 | 10y ago | IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… | |||
| CVE-2016-6030 | medium | 5.4 | 5.4 | 10y ago | IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin… | |||
| CVE-2016-5980 | medium | 5.4 | 5.4 | 10y ago | IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… | |||
| CVE-2016-5951 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… | |||
| CVE-2016-5948 | medium | 5.4 | 5.4 | 10y ago | IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… | |||
| CVE-2016-5899 | medium | 5.4 | 5.4 | 10y ago | IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten… | |||
| CVE-2016-5897 | medium | 5.4 | 5.4 | 10y ago | IBM Jazz Reporting Service (JRS) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the secur… |