cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2017-1098,https://securityvulnerability.io/vulnerability/CVE-2017-1098,,IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120658.,IBM,Emptoris Supplier Lifecycle Management,5.4,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2017-09-07T16:00:00.000Z,0
CVE-2017-1448,https://securityvulnerability.io/vulnerability/CVE-2017-1448,,"IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 128173.",IBM,Emptoris Supplier Lifecycle Management,5.4,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2017-08-09T18:29:00.000Z,0
CVE-2016-6121,https://securityvulnerability.io/vulnerability/CVE-2016-6121,,IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118383.,IBM,Emptoris Supplier Lifecycle Management,5.4,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2017-08-09T18:29:00.000Z,0
CVE-2016-8949,https://securityvulnerability.io/vulnerability/CVE-2016-8949,,"IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 118836.",IBM,Emptoris Supplier Lifecycle Management,5.4,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2017-08-09T18:29:00.000Z,0
CVE-2016-6118,https://securityvulnerability.io/vulnerability/CVE-2016-6118,,IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118356.,IBM,Emptoris Supplier Lifecycle Management,5.4,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2017-07-24T21:29:00.000Z,0