Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 and Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 do not properly restrict use of FRAME elements, which allows remote authenticated users to conduct phishing attacks, and bypass intended access restrictions or obtain sensitive information, via a crafted web site, related to a "frame injection" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Emptoris Sourcing Portfolio和Emptoris Spend Analysis 权限许可和访问控制漏洞
Vulnerability Description
IBM Emptoris Sourcing Portfolio和Emptoris Spend Analysis都是美国IBM公司的采购解决方案中的产品。IBM Emptoris Sourcing Portfolio是一套用于简化复杂的寻源决策和活动从而更好地进行战略寻源的产品。IBM Emptoris Spend Analysis是一套用于对分散而且各异的系统的支出数据进行整合、清理和分类的产品。 IBM Emptoris Sourcing Portfolio和Emptoris Spend Analysi
CVSS Information
N/A
Vulnerability Type
N/A