Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IbmPlanning Analytics

10 matches found

CVE
CVEadded 2021/09/01 5:15 p.m.40 views

CVE-2021-29852

IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205528.

5.4CVSS5.3AI score0.00194EPSS
CVE
CVEadded 2019/05/01 4:29 p.m.37 views

CVE-2018-1933

IBM Planning Analytics 2.0 through 2.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153177.

5.4CVSS5.6AI score0.00229EPSS
CVE
CVEadded 2020/07/29 2:15 p.m.36 views

CVE-2020-4645

IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.2AI score0.00236EPSS
CVE
CVEadded 2019/12/09 11:15 p.m.35 views

CVE-2019-4611

IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168519.

5.4CVSS5.5AI score0.00239EPSS
CVE
CVEadded 2021/01/19 4:15 p.m.35 views

CVE-2020-4873

IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836.

5.3CVSS5.5AI score0.00139EPSS
CVE
CVEadded 2020/07/20 2:15 p.m.34 views

CVE-2020-4527

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the Secure flag for the session cookie in TLS mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and ...

5.9CVSS5.4AI score0.0029EPSS
CVE
CVEadded 2021/06/29 4:15 p.m.31 views

CVE-2021-20477

IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196949.

5.4CVSS5.2AI score0.00208EPSS
CVE
CVEadded 2021/10/27 4:15 p.m.29 views

CVE-2021-20526

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 198755.

5.3CVSS5.2AI score0.00401EPSS
CVE
CVEadded 2021/01/19 4:15 p.m.28 views

CVE-2020-4871

IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 190834.

5.5CVSS5.3AI score0.00051EPSS
CVE
CVEadded 2021/04/26 5:15 p.m.24 views

CVE-2020-4562

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by allowing cross-window communication with unrestricted target origin via documentation frames.

5.3CVSS4.9AI score0.00193EPSS