TRIRIGA
by IBM
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-1465 | Med | 0.35 | 5.4 | 0.01 | Dec 7, 2017 | IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further… | ||
| CVE-2017-1180 | Med | 0.35 | 5.3 | 0.01 | Apr 5, 2017 | The IBM TRIRIGA Document Manager contains a vulnerability that could allow an authenticated user to execute actions they did not have access to. IBM Reference #: 2001084. | ||
| CVE-2016-9737 | Med | 0.35 | 5.4 | 0.01 | Mar 27, 2017 | IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #:… | ||
| CVE-2020-4868 | 0.00 | — | 0.01 | Jul 31, 2023 | IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190744. | |||
| CVE-2023-27876 | 0.00 | — | 0.01 | Apr 7, 2023 | IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249975. |
- risk 0.35cvss 5.4epss 0.01
IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further…
- risk 0.35cvss 5.3epss 0.01
The IBM TRIRIGA Document Manager contains a vulnerability that could allow an authenticated user to execute actions they did not have access to. IBM Reference #: 2001084.
- risk 0.35cvss 5.4epss 0.01
IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #:…
- CVE-2020-4868Jul 31, 2023risk 0.00cvss —epss 0.01
IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190744.
- CVE-2023-27876Apr 7, 2023risk 0.00cvss —epss 0.01
IBM TRIRIGA 4.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249975.