Vulnerabilities > IBM > Cognos Analytics > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-22 | CVE-2021-38903 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. | 3.5 |
| 2021-12-03 | CVE-2021-38909 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting. | 3.5 |
| 2021-10-15 | CVE-2020-4951 | Information Exposure vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information. | 2.1 |
| 2021-06-01 | CVE-2020-4354 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. | 3.5 |
| 2021-06-01 | CVE-2019-4653 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. | 3.5 |
| 2019-12-30 | CVE-2019-4623 | Cross-site Scripting vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. | 3.5 |
| 2019-12-20 | CVE-2019-4555 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. | 3.5 |
| 2019-05-29 | CVE-2019-4139 | Cross-site Scripting vulnerability in IBM Cognos Analytics 11.0.0/11.1.0/11.1.1 IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-site scripting. | 3.5 |
| 2018-11-09 | CVE-2018-1842 | Improper Verification of Cryptographic Signature vulnerability in multiple products IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. | 3.3 |
| 2018-05-07 | CVE-2018-1413 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 3.5 |