| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-3003 | 3.5 |
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerabili
|
28-11-2016 - 20:05 | 26-09-2016 - 04:59 | |
| CVE-2016-3007 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to hijack the authentication of arbitrary users.
|
28-11-2016 - 20:05 | 26-09-2016 - 04:59 | |
| CVE-2016-2999 | 4.0 |
IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to obtain sensitive information via an unspecified brute-force attack.
|
28-11-2016 - 20:05 | 26-09-2016 - 04:59 | |
| CVE-2016-3001 | 3.5 |
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerabili
|
28-11-2016 - 20:05 | 26-09-2016 - 04:59 | |
| CVE-2016-3000 | 4.0 |
The help service in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to cause a denial of service (service degradation) via a crafted URL.
|
28-11-2016 - 20:05 | 26-09-2016 - 04:59 | |
| CVE-2016-3006 | 3.5 |
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerabili
|
28-11-2016 - 20:05 | 26-09-2016 - 04:59 |