Page 5 of 41 results (0.019 seconds)
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0217
https://notcve.org/view.php?id=CVE-2016-0217
01 Feb 2017 — IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM Cognos Business Intelli... • http://www.ibm.com/support/docview.wss?uid=swg21996417 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •