Ibm Content Navigator
32 CVEs affecting Ibm Content Navigator. Latest disclosed: 2026-04-02. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-43581 | High | 7.5 | 2022-12-07 | IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization a… |
CVE-2019-4092 | Medium | 6.8 | 2019-04-25 | IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit… |
CVE-2021-29714 | Medium | 6.5 | 2021-08-09 | IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. IBM X-Force ID: 200968. |
CVE-2020-4757 | Medium | 6.4 | 2020-12-21 | IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary J… |
CVE-2020-4704 | Medium | 6.4 | 2020-11-10 | IBM Content Navigator 3.0CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus… |
CVE-2020-4253 | Medium | 6.3 | 2020-03-24 | IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-F… |
CVE-2019-4035 | Medium | 6.3 | 2019-03-22 | IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. If attackers make a fake IBM Content Navigator site, they can send… |
CVE-2019-4034 | Medium | 6.3 | 2019-03-14 | IBM Content Navigator 3.0CD is could allow an attacker to execute arbitrary code on a user's workstation. When editing an executable file in ICN with Edit serv… |
CVE-2026-1243 | Medium | 5.4 | 2026-04-02 | IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaSc… |
CVE-2024-51475 | Medium | 5.4 | 2025-05-16 | IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would b… |
CVE-2024-56341 | Medium | 5.4 | 2025-04-02 | IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaS… |
CVE-2023-35896 | Medium | 5.4 | 2023-11-03 | IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from t… |
CVE-2021-20550 | Medium | 5.4 | 2021-04-27 | IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter… |
CVE-2021-20549 | Medium | 5.4 | 2021-04-27 | IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter… |
CVE-2021-20448 | Medium | 5.4 | 2021-04-27 | IBM Content Navigator 3.0.CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter… |
CVE-2020-4760 | Medium | 5.4 | 2020-11-10 | IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri… |
CVE-2019-4571 | Medium | 5.4 | 2019-09-25 | IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri… |
CVE-2019-4033 | Medium | 5.4 | 2019-04-25 | IBM Content Navigator 2.0.3 and 3.0CD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI t… |
CVE-2018-1496 | Medium | 5.4 | 2018-05-31 | IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip… |
CVE-2017-1522 | Medium | 5.4 | 2017-10-05 | IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code… |