Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Mashups Center
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7407 1 Ibm 1 Mashups Center 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVE-2015-7400 1 Ibm 1 Mashups Center 2024-11-21 6.8 MEDIUM 7.7 HIGH
The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.