XSS in Ibm Cognos_business_intelligence

CVE-2013-6732

Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 allows remote attackers to inject arbitr…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.002 (46.7th percentile) — read the EPSS interpretation.

Affected products

Ibm Cognos_business_intelligence — versions 8.4.1, 10.1, 10.1.1
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

ibm-cognos-cve20136732-xss(89394) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)