XSS in Ibm Cognos_tm1

CVE-2012-1046

Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 9.5.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0696.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (62.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References

  • 1026648 (vdb-entry, x_refsource_SECTRACK)
  • cve@mitre.org (x_refsource_CONFIRM)
  • 51905 (vdb-entry, x_refsource_BID)
  • 78917 (x_refsource_OSVDB, vdb-entry)
  • cve@mitre.org (x_refsource_CONFIRM)
  • 47889 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
  • PM49009 (vendor-advisory, x_refsource_AIXAPAR)