Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ibm Subscribe
Filtered by product Openpages Grc Platform

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-0145 1 Ibm 1 Openpages Grc Platform 2015-10-05 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVE-2015-0144 1 Ibm 1 Openpages Grc Platform 2015-10-05 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8916.
CVE-2015-0143 1 Ibm 1 Openpages Grc Platform 2015-10-05 4.0 MEDIUM N/A
IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to obtain sensitive information by reading error messages.
CVE-2015-0142 1 Ibm 1 Openpages Grc Platform 2015-10-05 4.0 MEDIUM N/A
IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to cause a denial of service (maintenance-mode transition and data-storage outage) by calling the System Administration Mode function.
CVE-2014-8916 1 Ibm 1 Openpages Grc Platform 2015-10-05 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0144.
CVE-2015-0141 1 Ibm 1 Openpages Grc Platform 2015-10-05 4.0 MEDIUM N/A
IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to modify arbitrary user filters via a JSON request.
CVE-2014-3011 1 Ibm 1 Openpages Grc Platform 2014-06-30 5.0 MEDIUM N/A
IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to conduct link injection attacks via unspecified vectors.
CVE-2011-1381 1 Ibm 1 Openpages Grc Platform 2014-06-30 6.4 MEDIUM N/A
Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to bypass intended access restrictions via unknown vectors.