CVE-2012-4840

IBM Cognos BI is vulnerable to XPath injection (CVE-2012-4840). Affected versions: 8.4.1 prior to IF1, 10.1 prior to IF2, 10.1.1 prior to IF2, and 10.2 prior to IF1. Attackers can remotely inject XPath code and call XPath extension functions via unspecified vectors. Mitigation: apply Cognos BI In...