NotCVE - vendor:"Ibm" product:"Cognos Analytics" version:"11.0.0"

Page 5 of 43 results (0.004 seconds)

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-3031

https://notcve.org/view.php?id=CVE-2016-3031

05 Apr 2017 — IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998887. IBM Cognos Analytics 11.0 es vulnerable a secuencias de comandos en sitios cruzados. Esta vulnerabilidad permite a usuarios encrustrar código arbitrario JavaScript en la Web UI alterando así la funcionalidad prevista que potenc... • http://www.ibm.com/support/docview.wss?uid=swg21998887 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-0217

https://notcve.org/view.php?id=CVE-2016-0217

01 Feb 2017 — IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM Cognos Business Intelli... • http://www.ibm.com/support/docview.wss?uid=swg21996417 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

CVE-2016-0398 – IBM Cognos 11.0 Content Spoofing

https://notcve.org/view.php?id=CVE-2016-0398

03 Jun 2016 — IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL. IBM Cognos Analytics (CA) 11.0 en versiones anteriores a 11.0.2 permite a atacantes remotos llevar a cabo ataques de suplantación de contenido a través de una URL manipulada. IBM Cognos version 11.0 suffers from a content spoofing vulnerability. • https://packetstorm.news/files/id/137306 • CWE-20: Improper Input Validation •

1...3 4 5