CVE-2014-6145

Currently unrated

Key Information:

Vendor: IBM
Status: Cognos Business Intelligence
Vendor: CVE Published:; 12 December 2014

Summary

Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence 10.1 before IF10, 10.1.1 before IF9, 10.2 before IF11, 10.2.1 before IF8, and 10.2.1.1 before IF7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21692267

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/96915

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 12, 2014
Vulnerability Reserved
Sep 2, 2014