2 matches found
CVE-2023-38359 IBM Cognos Analytics cross-site scripting
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2023-38359
CVE-2023-38359 - IBM Cognos Analytics XSS : The vulnerability affects IBM Cognos Analytics versions 11.1.7, 11.2.4, and 12.0.0 where untrusted input in the Web UI can be used to embed arbitrary JavaScript, potentially exposing credentials within a trusted session. Root cause: cross-site scripting...