Filtered by vendor Ibm
Subscriptions
Filtered by product Tririga Application Platform
Subscriptions
Total
46 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-4836 | 1 Ibm | 1 Tririga Application Platform | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in breakOutWithName.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2014-4840 | 1 Ibm | 1 Tririga Application Platform | 2024-08-06 | N/A |
IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote attackers to execute arbitrary code via a crafted URL. | ||||
CVE-2016-9737 | 1 Ibm | 1 Tririga Application Platform | 2024-08-06 | N/A |
IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1996200. | ||||
CVE-2016-5980 | 1 Ibm | 1 Tririga Application Platform | 2024-08-06 | N/A |
IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
CVE-2016-6000 | 1 Ibm | 1 Tririga Application Platform | 2024-08-06 | N/A |
IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
CVE-2016-2917 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via unspecified vectors. | ||||
CVE-2016-2882 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to obtain sensitive information by reading HTTP responses. | ||||
CVE-2016-2883 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-0387. | ||||
CVE-2016-0386 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for requests that delete employees. | ||||
CVE-2016-0362 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet or Internet hosts, via a crafted proxy request to a web service. | ||||
CVE-2016-0387 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-2883. | ||||
CVE-2016-0348 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111813. | ||||
CVE-2016-0343 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 111784. | ||||
CVE-2016-0374 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
The builder tools in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allow remote authenticated users to gain privileges for application modification via unspecified vectors. | ||||
CVE-2016-0342 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to read or modify arbitrary reports by leveraging an incorrect grant of access. IBM X-Force ID: 111783. | ||||
CVE-2016-0345 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. IBM X-Force ID: 111786. | ||||
CVE-2016-0344 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
Cross-site scripting (XSS) vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111785. | ||||
CVE-2016-0312 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive information via vectors related to granting unauthenticated access to Document Manager. IBM X-Force ID: 111486. | ||||
CVE-2016-0299 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to obtain sensitive information via vectors involving a database query. IBM X-Force ID: 111382. | ||||
CVE-2016-0300 | 1 Ibm | 1 Tririga Application Platform | 2024-08-05 | N/A |
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 might allow remote attackers to access arbitrary JSP pages via vectors related to improper input validation. IBM X-Force ID: 111412. |