CVE-2017-1535
29.08.2017, 21:29
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130677.
| Vendor | Product | Version |
|---|---|---|
| ibm | cognos_analytics | 11.0.0 |
| ibm | cognos_analytics | 11.0.1 |
| ibm | cognos_analytics | 11.0.2 |
| ibm | cognos_analytics | 11.0.3 |
| ibm | cognos_analytics | 11.0.4 |
| ibm | cognos_analytics | 11.0.5 |
| ibm | cognos_analytics | 11.0.6 |
𝑥
= Vulnerable software versions
References