Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center (aka Star Command Center or Star Analytics) before 10.1, when. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
IBM
XSS
Star Command Center
NVD
CVSS 2.0
3.5
EPSS
0.2%