Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
ibm

Content Navigator

18 Versions 28 CVEs

Versions

3.0.CD

OTHER 8 CVEs

2.0.3.7

OTHER 1 CVE

3.0.2

SEMANTIC 3 CVEs

3.0CD

OTHER 10 CVEs

3.0.8

SEMANTIC 2 CVEs

3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, 3.0.12

OTHER 1 CVE

2.0.3

SEMANTIC 4 CVEs

3.0.7

SEMANTIC 2 CVEs

2.0.3.8

OTHER 2 CVEs

3.0.1

SEMANTIC 4 CVEs

3.0.13

SEMANTIC 1 CVE

2.0.3.5

OTHER 1 CVE

2.0.2.8

OTHER 1 CVE

2.0.3.6

OTHER 1 CVE

2.0.2.7

OTHER 1 CVE

3.0.0

SEMANTIC 5 CVEs

3.0.11, 3.0.13, 3.0.14

OTHER 1 CVE

3.0.3

SEMANTIC 3 CVEs

Recent CVEs

CVE-2023-35896

IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 259247.

MEDIUM Nov 03, 2023

CVE-2023-40684

IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019.

MEDIUM Oct 04, 2023

CVE-2022-43581

IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.

HIGH Dec 07, 2022

CVE-2021-20550

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199168.

MEDIUM Apr 27, 2021

CVE-2021-20549

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199167.

MEDIUM Apr 27, 2021

CVE-2021-20448

IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196624.

MEDIUM Apr 27, 2021

CVE-2020-4934

IBM Content Navigator 3.0.CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 191752.

MEDIUM Feb 02, 2021

CVE-2020-4757

IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188600.

MEDIUM Dec 21, 2020

CVE-2020-4760

IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188737.

MEDIUM Nov 10, 2020

CVE-2020-4704

IBM Content Navigator 3.0CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187189.

MEDIUM Nov 10, 2020