Interact
This hub aggregates every CVE we track for Interact, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
18
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM11LOW4HIGH3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
2
0
1
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Interact.
- CVE-2026-6416Tanium addressed an uncontrolled resource consumption vulnerability in Interact.2.7
- CVE-2026-2350Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.6.5
- CVE-2025-15289Tanium addressed an improper access controls vulnerability in Interact.3.1
- CVE-2025-15288Tanium addressed an improper access controls vulnerability in Interact.3.1
- CVE-2023-5659Interact: Embed A Quiz On Your Site <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4
- CVE-2023-41103Interact 7.9.79.5 allows stored Cross-site Scripting (XSS) attacks in several locations, allowing an attacker to store a JavaScript payload.5.4
- CVE-2016-5888IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...5.4
- CVE-2016-5889IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website...8.8
- CVE-2008-3868Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to hijack the authentication of super administrators for requests that create super administrator accounts.6.8
- CVE-2008-3867SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter.6.8
- CVE-2008-3384Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. ...7.5
- CVE-2008-2220Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code ...6.8
- CVE-2007-4177Multiple cross-site scripting (XSS) vulnerabilities in Interact before 2.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2007-...4.3
- CVE-2007-3328Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 beta 1 allow remote attackers to inject arbitrary web script or HTML via the (1) module_key parameter to (a) kb/kb.php, (b) quiz/...4.3
- CVE-2006-4448Multiple PHP remote file inclusion vulnerabilities in interact 2.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) CONFIG[BASE_PATH] par...5.1
Product normalization is registry-driven with AI assist and human review. How it works