CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-0346

Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence 10.2 before IF20, 10.2.1 before IF17, 10.2.1.1 before IF16, 10.2.2 before IF12, and 10.1.1 before IF19 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.3%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2016-0346

Ibm » Cognos Business Intelligence » Version: 10.1.1

cpe:2.3:a:ibm:cognos_business_intelligence:10.1.1
Ibm » Cognos Business Intelligence » Version: 10.2

cpe:2.3:a:ibm:cognos_business_intelligence:10.2
Ibm » Cognos Business Intelligence » Version: 10.2.1

cpe:2.3:a:ibm:cognos_business_intelligence:10.2.1
Ibm » Cognos Business Intelligence » Version: 10.2.1.1

cpe:2.3:a:ibm:cognos_business_intelligence:10.2.1.1
Ibm » Cognos Business Intelligence » Version: 10.2.2

cpe:2.3:a:ibm:cognos_business_intelligence:10.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-0346

Products

Pricing

Contact Us