Cross-Site Scripting Vulnerability in IBM Cognos Business Intelligence
CVE-2014-6145

Currently unrated

Key Information:

Vendor: IBM
Status: Cognos Business Intelligence
Vendor: CVE Published:; 12 December 2014

Summary

A cross-site scripting vulnerability in IBM Cognos Business Intelligence allows remote authenticated users to inject arbitrary web scripts or HTML into the server. This can occur through specially crafted URLs, potentially compromising the integrity and security of sensitive data. The issue affects specific versions of the product, highlighting the importance of applying the latest updates and patches to maintain a secure environment.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21692267

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/96915

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 12, 2014
Vulnerability Reserved
Sep 2, 2014