6 matches found
CVE-2024-28776
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2024-28776
creationtimestamp| type| source ---|---|--- 2025-02-19 18:06:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3likej7vdpt2z 2025-08-25 13:32:05+00:00| seen| MISP/9ca82492-7deb-4197-a6f1-191e121eef96...
CVE-2024-28776
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2024-28776
Affected products: IBM Cognos Controller (11.0.0–11.0.1 FP3) and IBM Controller (11.1.0). Issue: cross-site scripting in the Web UI that could allow embedding arbitrary JavaScript, potentially leading to credentials disclosure in a trusted session. Root cause: XSS vulnerability in the web applica...
CVE-2024-28776 IBM Cognos Controller cross-site scripting
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2024-28776 IBM Cognos Controller cross-site scripting
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...