IBM » Qradar Security Information And Event Manager : Security Vulnerabilities, CVEs, Published In 2016 (XSS)
Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Max CVSS
8.0
EPSS Score
0.08%
Published
2016-11-30
Updated
2016-12-23
Multiple cross-site scripting (XSS) vulnerabilities in the UI in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote authenticated users to inject arbitrary web script or HTML via crafted fields in a URL.
Max CVSS
5.4
EPSS Score
0.06%
Published
2016-11-30
Updated
2016-12-15
Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.6 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified field.
Max CVSS
5.4
EPSS Score
0.06%
Published
2016-01-01
Updated
2016-01-06
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Max CVSS
5.4
EPSS Score
0.06%
Published
2016-02-15
Updated
2016-02-26
4 vulnerabilities found