CVE-2016-0217

Name of the Vulnerable Software and Affected Versions IBM Cognos Business Intelligence and IBM Cognos Analytics (affected versions not specified)

Description The issue is related to stored cross-site scripting due to improper validation of user-supplied input. A remote attacker could inject malicious script into a Web page, which would be executed in a victim's Web browser within the security context of the hosting Web site once the page is viewed. This could allow an attacker to steal the victim's cookie-based authentication credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.