IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. IBM Cognos Analytics Mobile for Android is vulnerable to cross-site scripting, which originates from IBM Cognos Analytics Mobile before version 1.1.14. Android applications are vulnerable to cross-site scripting attacks. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI to alter the intended functionality, which could lead to credential disclosure in a trusted session.