7666 matches found
Cross site scripting
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127579...
Cross site scripting
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128623...
CVE-2017-1427
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127579...
CVE-2017-1485
CVE-2017-1485 affects IBM Cognos Analytics 11.0. The vulnerability is a cross-site scripting flaw in the Web UI that lets an attacker embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected product/version: IBM Cognos Analytics 11.0.0.0 to 11.0...
CVE-2017-1535
CVE-2017-1535 affects IBM Cognos Analytics 11.0. The vulnerability is a cross-site scripting issue in the Web UI that could allow embedding arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. IBM’s bulletin for Financial Transaction Manager for CPS (and I...
CVE-2017-1535
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130677...
CVE-2017-1485
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128623...
CVE-2017-1427
CVE-2017-1427 affects IBM Cognos Analytics 11.0 (versions 11.0.0.0–11.0.6.0) and is a cross-site scripting vulnerability in the Web UI that could allow embedding arbitrary JavaScript and potentially lead to credential disclosure within a trusted session. Root cause details are described in the vu...
CVE-2017-1428
CVE-2017-1428 affects IBM Cognos Analytics 11.0, where a remote attacker could hijack a victim’s click actions by enticing the user to visit a malicious site. Related IBM bulletin confirms fixes in IBM Cognos Analytics 11.0.x series, recommending upgrading to 11.0.7.0. Exploitation details are no...
CVE-2017-1428
IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim...
IBM Operationas Analytics Predictive Insights Java SDK Remote Lift Vulnerability
IBM Operationas Analytics Predictive Insights is a proactive fault management system from IBM, USA. The system monitors the performance of physical and logical infrastructures and provides alerts in the event of failures.Java SDK is one of the Java software development kits. A remote boost...
Progress Sitefinity 9.1 XSS Vulnerability
Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection vulnerabilities. ======================================================================= title: Multiple vulnerabilities product: Progress Sitefinity vulnerable version: 9.1 fixed...
More Answers, Less Query Language: Bringing Visual Search to InsightIDR
Sitting down with your data lake and asking it questions has never been easy. In the infosec world, there are additional layers of complexity. Users are bouncing between assets, services, and geographical locations, with each monitoring silo producing its own log files and slivers of the complete...
CVE-2017-9655
A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker may be able to upload a malicious script that attempts to redirect users to a...
CVE-2017-9653
An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized...
CVE-2017-9653
An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized...
Cross site scripting
A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker may be able to upload a malicious script that attempts to redirect users to a...
CVE-2017-9655
A Cross-Site Scripting issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker may be able to upload a malicious script that attempts to redirect users to a...
CVE-2017-9653
An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized...
Authorization
An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized...