Ibm: >> Forms Experience Builder >> 8.5.1 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.0 and 8.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 97777.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-04-12
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.
CVSS Score
2.7
EPSS Score
0.001
Published
2018-02-21
IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources.
CVSS Score
3.1
EPSS Score
0.001
Published
2017-02-01