Marketing Platform

marketing_platform

Vendor: Ibm • 13 CVEs

CVEs (13)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-1107 1Ibm 1Marketing Platform Nov 21, 2024 Jun 19, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 IBM Marketing Platform 9.1.0, 9.1.2, 10.0, and 10.1 exposes sensitive information in the headers that could be used by an authenticated attacker in further attacks against the system. IBM X-Force ID: 120906.
CVE-2018-1920 1Ibm 1Marketing Platform Nov 21, 2024 Dec 7, 2018 N/A· v4 7.1 HIGH· v3 5.5 MEDIUM· v2 IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or c...Show more IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152855.Show less
CVE-2018-1424 1Ibm 1Marketing Platform Nov 21, 2024 Dec 7, 2018 N/A· v4 7.1 HIGH· v3 5.5 MEDIUM· v2 IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or...Show more IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139029.Show less
CVE-2016-6112 1Ibm 3Distributed Marketing Marketing OperationsMarketing Platform May 13, 2026 May 22, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282...Show more IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.Show less
CVE-2016-0255 1Ibm 1Marketing Platform May 13, 2026 May 5, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a...Show more IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 110564.Show less
CVE-2016-0228 1Ibm 1Marketing Platform May 13, 2026 Apr 17, 2017 N/A· v4 5.4 MEDIUM· v3 4.9 MEDIUM· v2 IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arb...Show more IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ID: 110236.Show less
CVE-2016-0233 1Ibm 1Marketing Platform May 6, 2026 Jun 28, 2016 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2016-0229 1Ibm 1Marketing Platform May 6, 2026 Jun 28, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2016-0224 1Ibm 1Marketing Platform May 6, 2026 Jun 28, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6311 1Ibm 1Marketing Platform May 6, 2026 Jun 28, 2014 N/A· v4 N/A· v3 6.5 MEDIUM· v2 SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6310 1Ibm 1Marketing Platform May 6, 2026 Jun 28, 2014 N/A· v4 N/A· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-6309 1Ibm 1Marketing Platform May 6, 2026 Jun 28, 2014 N/A· v4 N/A· v3 6.0 MEDIUM· v2 IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records, or conduct transactions, via an unspecified link injection.
CVE-2013-6308 1Ibm 1Marketing Platform May 6, 2026 Jun 28, 2014 N/A· v4 N/A· v3 4.9 MEDIUM· v2 IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to conduct phishing attacks and capture login credentials via an unspecified injection.