Lucene search
PRIOn knowledge basePRION:CVE-2016-0217HistoryFeb 01, 2017 - 10:59 p.m.
Cross site scripting
2017-02-0122:59:00
PRIOn knowledge base
www.prio-n.com
1
IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cognos_analytics | eq | 11.0.3 | |
| cognos_analytics | eq | 11.0.0 | |
| cognos_analytics | eq | 11.0.2 | |
| cognos_analytics | eq | 11.0.4 | |
| cognos_analytics | eq | 11.0.1 |
Related
cve
cve
CVE-2016-0217
2017-02-01 22:59:00
cvelist
cvelist
CVE-2016-0217
2017-02-01 22:00:00
nvd
nvd
CVE-2016-0217
2017-02-01 22:59:00
ibm
ibm
Security Bulletin: IBM Cognos Business Intelligence is affected by a vulnerability.
2018-06-15 23:17:27
Security Bulletin: Security Vulnerabilities have been identified in IBM Cognos Business Intelligence used with IBM Cognos TM1 (CVE-2016-0217, CVE-2016-0221).
2020-02-24 07:27:10
Security Bulletin: IBM Cognos AnalyticsのLibxml2脆弱性について
2018-06-15 23:50:15