Cross-Site Scripting Vulnerabilities in IBM Cognos TM1 Executive Viewer
CVE-2012-0696

Currently unrated

Key Information:

Vendor

IBM
Status
Cognos Executive Viewer
Cognos Tm1
Vendor
CVE Published:
13 January 2012

What is CVE-2012-0696?

Multiple cross-site scripting vulnerabilities exist in the Executive Viewer (EV) component of IBM Cognos TM1 prior to version 9.5 FP1. These vulnerabilities enable remote attackers to exploit unspecified requests, allowing them to inject arbitrary web scripts or HTML through the aspnet_client directory or the evserver/createcontrol.js file. Such exploitation can lead to compromised user sessions and unauthorized access to sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.osvdb.org/78217
vdb-entryx_refsource_OSVDB
http://www-01.ibm.com/support/docview.wss?uid=swg1PM26682
vendor-advisoryx_refsource_AIXAPAR
http://securitytracker.com/id?1026491
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.