Security Bulletin: IBM Tivoli Common Reporting (TCR) 2016Q2 Security Updater : IBM Tivoli Common Reporting is affected by multiple vulnerabilities

Summary This bulletin addresses several security vulnerabilities. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 and the IBM® Runtime Environment Java™ Technology Edition, Version 7 that are used by IBM Cognos Business Intelligence. These issues...

CVE-2016-0346

Cross-site scripting XSS vulnerability in IBM Cognos Business Intelligence 10.2 before IF20, 10.2.1 before IF17, 10.2.1.1 before IF16, 10.2.2 before IF12, and 10.1.1 before IF19 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

CVE-2016-0346

CVE-2016-0346 is an XSS vulnerability in IBM Cognos Business Intelligence. The flaw arises from improper validation of user-supplied input, enabling a remote authenticated attacker to inject arbitrary web script or HTML via a crafted URL, potentially executing in the victim’s browser and stealing...