2 matches found
CVE-2020-4377
CVE-2020-4377 affects IBM Cognos Analytics 11.0 and 11.1, where XML data processing is vulnerable to an XML External Entity (XXE) injection. The root cause is improper handling of XML entities, enabling a remote attacker to disclose sensitive information or exhaust memory. According to IBM/NVD en...
Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities
Summary Security vulnerabilities have been addressed in IBM Cognos Analytics. Vulnerability Details CVEID: CVE-2010-5312 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the...