CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-40684

IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.0%

CVSS Severity

CVSS v3 Score 4.6

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/264019
https://https://www.ibm.com/support/pages/node/7046226
https://exchange.xforce.ibmcloud.com/vulnerabilities/264019
https://https://www.ibm.com/support/pages/node/7046226

Products affected by CVE-2023-40684

Ibm » Content Navigator » Version: 3.0.11

cpe:2.3:a:ibm:content_navigator:3.0.11
Ibm » Content Navigator » Version: 3.0.13

cpe:2.3:a:ibm:content_navigator:3.0.13
Ibm » Content Navigator » Version: 3.0.14

cpe:2.3:a:ibm:content_navigator:3.0.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-40684

Products

Pricing

Contact Us