Cross-Site Scripting Vulnerability in IBM Planning Analytics
CVE-2021-20477
5.4MEDIUM
What is CVE-2021-20477?
IBM Planning Analytics 2.0 contains a cross-site scripting vulnerability that can be exploited by users to inject arbitrary JavaScript code into the Web UI. This flaw can potentially modify the application's intended functionality, allowing malicious actors to disclose sensitive credentials during trusted user sessions. The issue raises significant security concerns as it can impact the confidentiality of user data.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Planning Analytics 2.0
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved