Show filters
36 Total Results
Displaying 31-36 of 36
Sort by:
Attacker Value
Unknown

CVE-2017-1146

Disclosure Date: March 20, 2017 (last updated November 26, 2024)
IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999736.
0
0
Attacker Value
Unknown

CVE-2015-1888

Disclosure Date: October 03, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.2 before 2.0.2-ICN-FP007 and 2.0.3 before 2.0.3-ICN-FP003, as used in Content Manager, FileNet Content Manager, Content Foundation, Content Manager OnDemand, and other products, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
0
0
Attacker Value
Unknown

CVE-2014-8911

Disclosure Date: February 14, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HTML via the Accept-Language HTTP header.
0
0
Attacker Value
Unknown

CVE-2014-0874

Disclosure Date: February 28, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter.
0
0
Attacker Value
Unknown

CVE-2014-0858

Disclosure Date: February 27, 2014 (last updated October 05, 2023)
IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL.
0
0
Attacker Value
Unknown

CVE-2013-5462

Disclosure Date: December 19, 2013 (last updated October 05, 2023)
IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct clickjacking attacks via vectors involving FRAME elements.
0
0
View More Topics  < Previous