Lucene search
K

7666 matches found

Prion
Prion
added 2017/08/29 9:29 p.m.22 views

Cross site scripting

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127579...

4.3CVSS5.7AI score0.00998EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/08/29 9:29 p.m.16 views

Cross site scripting

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128623...

3.5CVSS5.1AI score0.0054EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/29 9:0 p.m.15 views

CVE-2017-1427

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127579...

5.8AI score0.00998EPSS
Exploits0References4
CVE
CVE
added 2017/08/29 9:0 p.m.53 views

CVE-2017-1485

CVE-2017-1485 affects IBM Cognos Analytics 11.0. The vulnerability is a cross-site scripting flaw in the Web UI that lets an attacker embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected product/version: IBM Cognos Analytics 11.0.0.0 to 11.0...

5.4CVSS5.6AI score0.0054EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/29 9:0 p.m.47 views

CVE-2017-1535

CVE-2017-1535 affects IBM Cognos Analytics 11.0. The vulnerability is a cross-site scripting issue in the Web UI that could allow embedding arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. IBM’s bulletin for Financial Transaction Manager for CPS (and I...

5.4CVSS5.3AI score0.0072EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/08/29 9:0 p.m.21 views

CVE-2017-1535

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130677...

5.2AI score0.0072EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/08/29 9:0 p.m.17 views

CVE-2017-1485

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128623...

5.2AI score0.0054EPSS
Exploits0References2
CVE
CVE
added 2017/08/29 9:0 p.m.50 views

CVE-2017-1427

CVE-2017-1427 affects IBM Cognos Analytics 11.0 (versions 11.0.0.0–11.0.6.0) and is a cross-site scripting vulnerability in the Web UI that could allow embedding arbitrary JavaScript and potentially lead to credential disclosure within a trusted session. Root cause details are described in the vu...

6.1CVSS6AI score0.00998EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/08/29 9:0 p.m.50 views

CVE-2017-1428

CVE-2017-1428 affects IBM Cognos Analytics 11.0, where a remote attacker could hijack a victim’s click actions by enticing the user to visit a malicious site. Related IBM bulletin confirms fixes in IBM Cognos Analytics 11.0.x series, recommending upgrading to 11.0.7.0. Exploitation details are no...

6.1CVSS6.7AI score0.01164EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/08/29 9:0 p.m.22 views

CVE-2017-1428

IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim...

6.1AI score0.01164EPSS
Exploits0References4
CNVD
CNVD
added 2017/08/28 12:0 a.m.0 views

IBM Operationas Analytics Predictive Insights Java SDK Remote Lift Vulnerability

IBM Operationas Analytics Predictive Insights is a proactive fault management system from IBM, USA. The system monitors the performance of physical and logical infrastructures and provides alerts in the event of failures.Java SDK is one of the Java software development kits. A remote boost...

9.8CVSS8.9AI score0.02634EPSS
Exploits0References1
0day.today
0day.today
added 2017/08/23 12:0 a.m.59 views

Progress Sitefinity 9.1 XSS Vulnerability

Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection vulnerabilities. ======================================================================= title: Multiple vulnerabilities product: Progress Sitefinity vulnerable version: 9.1 fixed...

7.2AI score
Exploits0
rapid7community
rapid7community
added 2017/08/17 5:27 p.m.54 views

More Answers, Less Query Language: Bringing Visual Search to InsightIDR

Sitting down with your data lake and asking it questions has never been easy. In the infosec world, there are additional layers of complexity. Users are bouncing between assets, services, and geographical locations, with each monitoring silo producing its own log files and slivers of the complete...

6.7AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2017/08/14 4:29 p.m.2 views

CVE-2017-9655

A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker may be able to upload a malicious script that attempts to redirect users to a...

5.4CVSS5.5AI score0.00909EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2017/08/14 4:29 p.m.2 views

CVE-2017-9653

An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized...

9.8CVSS5.6AI score0.02341EPSS
Exploits0References4
NVD
NVD
added 2017/08/14 4:29 p.m.15 views

CVE-2017-9653

An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized...

9.8CVSS9.6AI score0.02341EPSS
Exploits0References3
Prion
Prion
added 2017/08/14 4:29 p.m.13 views

Cross site scripting

A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker may be able to upload a malicious script that attempts to redirect users to a...

3.5CVSS6.3AI score0.00909EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2017/08/14 4:29 p.m.3 views

CVE-2017-9655

A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker may be able to upload a malicious script that attempts to redirect users to a...

5.4CVSS5.8AI score0.00909EPSS
Exploits0References3
OSV
OSV
added 2017/08/14 4:29 p.m.4 views

CVE-2017-9653

An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized...

9.8CVSS5.8AI score0.02341EPSS
Exploits0References3
Prion
Prion
added 2017/08/14 4:29 p.m.16 views

Authorization

An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized...

7.5CVSS7.2AI score0.02341EPSS
Exploits0References3Affected Software3
Rows per page
Query Builder