Cross-site Scripting Vulnerability in IBM Cognos 8 Business Intelligence
CVE-2011-0486

Currently unrated

Key Information:

Vendor

IBM
Status
Cognos 8 Business Intelligence
Vendor
CVE Published:
18 January 2011

What is CVE-2011-0486?

A cross-site scripting (XSS) vulnerability exists in the cognos.cgi script of IBM Cognos 8 Business Intelligence versions prior to FP1. This vulnerability allows remote attackers to execute arbitrary web scripts or HTML by manipulating the pathinfo parameter. Successful exploitation could lead to unauthorized actions on behalf of users, potentially compromising sensitive data and system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/45781
vdb-entryx_refsource_BID
http://securitytracker.com/id?1024954
vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/64660
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.