CVEDB API

Vulnerabilities

Vulnerable Software

Ibm: >> Datacap Navigator >> 9.1.7 Security Vulnerabilities

CVE-2024-39736

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 296003.

CVSS Score

6.5

EPSS Score

0.001

Published

2024-07-15

CVE-2020-4902

IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191045.

CVSS Score

6.3

EPSS Score

0.004

Published

2021-07-01

CVE-2020-4935

IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191753.

CVSS Score

5.4

EPSS Score

0.002

Published

2021-07-01

Page 2

Vulnerabilities

Vulnerable Software

Ibm: >> Datacap Navigator >> 9.1.7 Security Vulnerabilities

Products

Pricing

Contact Us