CVE-2021-38909
MEDIUM
Published 2021-12-03T17:00:31.456970Z
Actions:
CVSS Score
V3.0
5.4
/10
CVSS:3.0/I:L/AV:N/A:N/PR:L/C:L/UI:R/S:C/AC:L/E:H/RL:O/RC:C
Base Score Metrics
Exploitability: N/A
Impact: N/A
EPSS Score
v2023.03.01
0.001
probability
of exploitation in the wild
There is a 0.1% chance that this vulnerability will be exploited in the wild within the next 30 days.
Updated: 2025-01-25
Exploit Probability
Percentile: 0.360
Higher than 36.0% of all CVEs
Attack Vector Metrics
Impact Metrics
Description
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209706.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
References
Published: 2021-12-03T17:00:31.456970Z
Last Modified: 2024-09-16T18:28:16.876Z
Copied to clipboard!