|
266041
|
5.4 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Sametime away message altering the intended functionality p…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2967
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266042
|
4.3 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847.
|
CWE-200
Information Exposure
|
CVE-2016-2966
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266043
|
5.3 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813.
|
CWE-200
Information Exposure
|
CVE-2016-2964
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266044
|
5.4 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functional…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2979
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266045
|
4.3 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. IBM X-Force ID: 113937.
|
CWE-20
Improper Input Validation
|
CVE-2016-2977
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266046
|
5.4 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functional…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2973
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266047
|
7.8 |
HIGH
Local
|
ibm
|
sametime
|
IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855.
|
CWE-255
Credentials Management
|
CVE-2016-2972
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266048
|
5.3 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. IBM X-Force ID: 113898.
|
CWE-200
Information Exposure
|
CVE-2016-2971
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266049
|
4.3 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should not be in these messages. IBM X-Force ID: 113850.
|
CWE-200
Information Exposure
|
CVE-2016-2969
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266050
|
6.5 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote a…
|
CWE-352
Origin Validation Error
|
CVE-2016-2965
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
