Ibm Emptoris Program Management vulnerabilities
3 known vulnerabilities affecting ibm/emptoris_program_management.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2LOW1
Vulnerabilities
Page 1 of 1
CVE-2015-4939MEDIUMCVSS 4.3v10.0.0.0v10.0.0.1+14 more2015-10-06
CVE-2015-4939 [MEDIUM] CWE-79 CVE-2015-4939: Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris
Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management 10.x before 10.0.1.4_iFix3, 10.0.2.x before 10.0.2.7_iFix1, 10.0.3.x before 10.0.3.2, and 10.0.4.x before 10.0.4.0_iFix1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
nvd
CVE-2015-4971LOWCVSS 3.5v10.0.0.0v10.0.0.1+15 more2015-10-06
CVE-2015-4971 [LOW] CWE-79 CVE-2015-4971: Cross-site scripting (XSS) vulnerability in IBM Emptoris Strategic Supply Management Platform and Em
Cross-site scripting (XSS) vulnerability in IBM Emptoris Strategic Supply Management Platform and Emptoris Program Management 10.x before 10.0.1.4_iFix3, 10.0.2.x before 10.0.2.7_iFix1, 10.0.3.x before 10.0.3.2, and 10.0.4.x before 10.0.4.0_iFix1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
nvd
CVE-2014-6212MEDIUMCVSS 4.0v10.0.0.0v10.0.0.1+12 more2015-01-10
CVE-2014-6212 [MEDIUM] CVE-2014-6212: The Echo API in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix11, 10.0.0.x before 10.0.0
The Echo API in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix11, 10.0.0.x before 10.0.0.1 iFix12, 10.0.1.x before 10.0.1.5 iFix2, and 10.0.2.x before 10.0.2.2 iFix5; Emptoris Sourcing 9.5 before 9.5.1.3 iFix2, 10.0.0.x before 10.0.0.1 iFix1, 10.0.1.x before 10.0.1.3 iFix1, and 10.0.2.x before 10.0.2.5; and Emptoris Program Management (aka PGM) an
nvd