PT-2013-1928 · Ibm · Ibm Cognos Tm1

Published

2013-01-31

Updated

2017-08-29

CVE-2012-6350

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM Cognos TM1 versions prior to 9.5.2 FP3 IBM Cognos TM1 versions prior to 10.1 FP1

Description A cross-site scripting (XSS) issue exists in the Web component, allowing remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors.

Recommendations For versions prior to 9.5.2 FP3, update to version 9.5.2 FP3 or later. For versions prior to 10.1 FP1, update to version 10.1 FP1 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2012-6350

Affected Products

Ibm Cognos Tm1

PT-2013-1928 · Ibm · Ibm Cognos Tm1

CVE-2012-6350

Weakness Enumeration

Related Identifiers

Affected Products

References · 3