Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openpages_with_watson
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-12-11 | CVE-2024-35117 | IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user. | Openpages_with_watson | 4.4 | ||
| 2025-01-27 | CVE-2024-37527 | IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | Openpages_with_watson | 5.4 | ||
| 2025-02-20 | CVE-2024-43196 | IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses. | Openpages_with_watson | 4.3 | ||
| 2025-02-20 | CVE-2024-49355 | IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature. | Openpages_with_watson | 6.5 | ||
| 2025-02-20 | CVE-2024-49780 | IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to traverse directories on the system. An attacker with privileges to perform Import Configuration could send a specially crafted http request containing "dot dot" sequences (/../) in the file name parameter used in Import Configuration to write files to arbitrary locations outside of the specified directory and possibly overwrite arbitrary files. | Openpages_with_watson | 6.5 |