Campaign

campaign

Vendor: Ibm • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-1921 1Ibm 1Campaign Nov 21, 2024 Jul 17, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Campaign 9.1.0, 9.1.2, 10.1, and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadi...Show more IBM Campaign 9.1.0, 9.1.2, 10.1, and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152857.Show less
CVE-2019-4384 1Ibm 1Campaign Nov 21, 2024 Jun 19, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 IBM Campaign 9.1.2 and 10.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the...Show more IBM Campaign 9.1.2 and 10.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162172.Show less
CVE-2018-1941 1Ibm 1Campaign Nov 21, 2024 Dec 5, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 IBM Campaign 9.1.0 and 9.1.2 could allow a local user to obtain admini privileges due to the application not validating access permissions. IBM X-Force ID: 153382.
CVE-2016-9749 1Ibm 1Campaign Nov 21, 2024 Nov 9, 2018 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206.
CVE-2017-1115 1Ibm 1Campaign Nov 21, 2024 Sep 7, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hos...Show more IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 121153.Show less
CVE-2017-1114 1Ibm 1Campaign Nov 21, 2024 Sep 7, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred...Show more IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121152.Show less
CVE-2017-1116 1Ibm 1Campaign Nov 21, 2024 Apr 27, 2018 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 IBM Campaign 8.6, 9.0, 9.1, 9.1.1, 9.1.2, and 10.0 contains excessive details on the client side which could provide information useful for an authenticated user to conduct other attacks. IBM X-Force ID: 121154.
CVE-2016-0265 1Ibm 1Campaign May 13, 2026 Feb 1, 2017 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Campaign is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's W...Show more IBM Campaign is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.Show less