CVE-2012-4836

Currently unrated

Key Information:

Vendor: IBM
Status: Cognos Business Intelligence
Vendor: CVE Published:; 5 March 2013

Summary

Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted string that is not properly handled during rendering of stored data.

References

http://www-01.ibm.com/support/docview.wss?uid=swg24034373

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21626697

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/78918

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 5, 2013
Vulnerability Reserved
Sep 6, 2012