Cognos Transformer
Monthly
Stored cross-site scripting in IBM Cognos Analytics and Cognos Transformer's Administration interface allows an authenticated low-privileged user to inject persistent JavaScript payloads into the Web UI, which then execute in the browser sessions of other users - including higher-privileged administrators - potentially leading to credential theft or session hijacking. Affected are Cognos Analytics versions 11.2.0, 12.0, and 12.1.0, and Cognos Transformer versions 11.2.4, 12.0, and 12.1.0. No public exploit identified at time of analysis, and the EPSS score of 0.03% (8th percentile) combined with SSVC exploitation status of 'none' indicates very low observed exploitation pressure.
Stored cross-site scripting in IBM Cognos Analytics and Cognos Transformer's Administration interface allows an authenticated low-privileged user to inject persistent JavaScript payloads into the Web UI, which then execute in the browser sessions of other users - including higher-privileged administrators - potentially leading to credential theft or session hijacking. Affected are Cognos Analytics versions 11.2.0, 12.0, and 12.1.0, and Cognos Transformer versions 11.2.4, 12.0, and 12.1.0. No public exploit identified at time of analysis, and the EPSS score of 0.03% (8th percentile) combined with SSVC exploitation status of 'none' indicates very low observed exploitation pressure.