IBM Content Navigator 2.0.0

CPE Details

IBM Content Navigator 2.0.0
ibm
content_navigator
2.0.0
2013-12-20
14h19 +00:00
2013-12-20
14h22 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:content_navigator:2.0.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

content_navigator

Version

2.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-4092 2019-04-25 14h36 +00:00 IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 157654.
6.1
Medium
CVE-2014-8911 2015-02-14 01h00 +00:00 Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HTML via the Accept-Language HTTP header.
4.3
CVE-2014-0874 2014-02-28 01h00 +00:00 Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter.
3.5
CVE-2014-0858 2014-02-27 19h00 +00:00 IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL.
3.5
CVE-2013-5462 2013-12-19 21h00 +00:00 IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct clickjacking attacks via vectors involving FRAME elements.
4.3