cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-50962,https://securityvulnerability.io/vulnerability/CVE-2023-50962,IBM PowerSC information disclosure,"IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the ""HTTP Strict Transport Security"" (HSTS) web security policy mechanism.  IBM X-Force ID:  276004.

",IBM,Powersc,5.9,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2024-02-02T01:18:59.448Z,0
CVE-2023-50328,https://securityvulnerability.io/vulnerability/CVE-2023-50328,IBM PowerSC information disclosure,"IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings.  IBM X-Force ID:  275110.

",IBM,PowerSC,5.3,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2024-02-02T01:16:00.900Z,0
CVE-2023-50937,https://securityvulnerability.io/vulnerability/CVE-2023-50937,IBM PowerSC information disclosure,"IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  275117.

",IBM,Powersc,5.9,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-02-02T01:15:00.000Z,0
CVE-2023-50326,https://securityvulnerability.io/vulnerability/CVE-2023-50326,IBM PowerSC information Disclosure,"IBM PowerSC versions 1.3, 2.0, and 2.1 exhibit vulnerability stemming from inadequate account lockout settings. This security flaw could be exploited by remote attackers to execute brute force attacks on user credentials, potentially compromising system security. The vulnerability emphasizes the importance of implementing robust account protection mechanisms to safeguard sensitive information.",IBM,Powersc,7.5,HIGH,0.0007399999885819852,false,,false,false,false,,,false,false,,2024-02-02T01:15:00.000Z,0
CVE-2023-50933,https://securityvulnerability.io/vulnerability/CVE-2023-50933,IBM PowerSC HTML injection,"IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.  IBM X-Force ID:  275113.

",IBM,Powersc,6.1,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-02-02T01:15:00.000Z,0
CVE-2023-50938,https://securityvulnerability.io/vulnerability/CVE-2023-50938,IBM PowerSC clickjacking,"IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.  IBM X-Force ID:  275128.

",IBM,PowerSC,4.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2024-02-02T01:14:20.340Z,0
CVE-2023-50935,https://securityvulnerability.io/vulnerability/CVE-2023-50935,IBM PowerSC forced browsing,"IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote attacker to obtain unauthorized access to application functionality and/or resources.  IBM X-Force ID:  275115.

",IBM,Powersc,6.5,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2024-02-02T01:12:54.221Z,0
CVE-2023-50941,https://securityvulnerability.io/vulnerability/CVE-2023-50941,IBM PowerSC session fixation,"IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation.  IBM X-Force ID:  275131.

",IBM,Powersc,6.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-02-02T01:11:23.968Z,0
CVE-2023-50934,https://securityvulnerability.io/vulnerability/CVE-2023-50934,IBM PowerSC improper authentication,"IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme.  IBM X-Force ID:  275114.

",IBM,Powersc,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-02-02T01:08:46.298Z,0
CVE-2023-50940,https://securityvulnerability.io/vulnerability/CVE-2023-50940,IBM PowerSC cross-resource origin sharing,"IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains.  IBM X-Force ID:  275130.

",IBM,Powersc,5.3,MEDIUM,0.0008399999933317304,false,,false,false,false,,,false,false,,2024-02-02T01:05:18.602Z,0
CVE-2023-50936,https://securityvulnerability.io/vulnerability/CVE-2023-50936,IBM PowerSC session fixation,"A session management vulnerability exists in IBM PowerSC versions 1.3, 2.0, and 2.1, where failed session invalidation after logout permits an authenticated user to impersonate another user. This flaw could potentially allow unauthorized access to sensitive data and services within the affected system.",IBM,PowerSC,8.8,HIGH,0.000590000010561198,false,,false,false,false,,,false,false,,2024-02-02T01:03:34.263Z,0
CVE-2023-50327,https://securityvulnerability.io/vulnerability/CVE-2023-50327,IBM PowerSC weak security,"IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification.  IBM X-Force ID:  275109.

",IBM,Powersc,5.3,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2024-02-02T01:00:10.988Z,0
CVE-2023-50939,https://securityvulnerability.io/vulnerability/CVE-2023-50939,IBM PowerSC information Disclosure,"IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  275129.",IBM,Powersc,5.9,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2024-02-02T00:15:00.000Z,0