Ibm Openpages Grc Platform — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Openpages Grc Platform, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2017-1300 — CVSS 8.8 (high): IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious…
CVE-2015-0145 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and…
CVE-2024-35151 — CVSS 6.5 (medium): IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive information through improper authorization…
CVE-2011-1381 — CVSS 6.4 (medium): Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to bypass intended access restrictions…
CVE-2017-1679 — CVSS 5.5 (medium): IBM OpenPages GRC Platform 7.2, 7.3, 7.4, and 8.0 could allow an attacker to obtain sensitive information from error log files. IBM X-Force…
CVE-2020-4535 — CVSS 5.4 (medium): IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2017-1147 — CVSS 5.4 (medium): IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-3048 — CVSS 5.4 (medium): IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-3049 — CVSS 5.4 (medium): IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which…
CVE-2015-5049 — CVSS 5.4 (medium): SQL injection vulnerability in the API in IBM OpenPages GRC Platform 7.0 before 7.0.0.4 IF3 and 7.1 before 7.1.0.1 IF6 allows remote…
CVE-2017-1290 — CVSS 5.4 (medium): IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2017-1333 — CVSS 5.3 (medium): IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenticated user to obtain sensitive information about the server that…
CVE-2017-1148 — CVSS 5.3 (medium): IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) application could allow a user to obtain sensitive information…
CVE-2014-3011 — CVSS 5.0 (medium): IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to conduct link injection attacks via unspecified vectors.
CVE-2020-4536 — CVSS 4.3 (medium): IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is…
CVE-2024-27257 — CVSS 4.3 (medium): IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to…
CVE-2015-0143 — CVSS 4.0 (medium): IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users…
CVE-2015-0142 — CVSS 4.0 (medium): IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users…
CVE-2015-0141 — CVSS 4.0 (medium): IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users…
CVE-2016-0234 — CVSS 4.0 (medium): IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out…
CVE-2014-8916 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1…
CVE-2015-0144 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1…