CVE-2012-5949

Name of the Vulnerable Software and Affected Versions IBM TRIRIGA Application Platform versions 2.x through 3.x before 3.3 IBM TRIRIGA Application Platform version 8

Description The issue allows remote attackers to inject content and conduct phishing attacks via several vectors, including the html/en/default/ directory, birt/frameset, WebProcess.srv, sqa/html/en/default/reportTemplate/reportTemplateOrderCols.jsp, and a/html/en/default/om2/omObjectFinder.jsp.

Recommendations For IBM TRIRIGA Application Platform versions 2.x through 3.x before 3.3, update to version 3.3 or later. For IBM TRIRIGA Application Platform version 8, at the moment, there is no information about a newer version that contains a fix for this issue.