CVE-2019-4136
IBM Cognos Controller (versions 10.2.0–10.4.0) is affected by a cross-site scripting (XSS) vulnerability in the Web UI that could let an attacker embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. The issue affects the Web UI component and stems fr...