exploitDog

CVE-2013-6732

Опубликовано: 22 фев. 2014

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:cognos_business_intelligence:8.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:cognos_business_intelligence:10.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:cognos_business_intelligence:10.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:cognos_business_intelligence:10.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:cognos_business_intelligence:10.2.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00236

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-4p35-vf8h-253r

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

EPSS

Процентиль: 46%

0.00236

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79