CVE-2012-5949 in TRIRIGA Application Platforminfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to inject content, and conduct phishing attacks, via vectors involving (1) the html/en/default/ directory, (2) birt/frameset, (3) WebProcess.srv, (4) sqa/html/en/default/reportTemplate/reportTemplateOrderCols.jsp, or (5) a/html/en/default/om2/omObjectFinder.jsp.

Once again VulDB remains the best source for vulnerability data.

Reservation

11/21/2012

Disclosure

04/23/2013

Moderation

VulDB entry created

Entries

VDB-64012 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.3

EPSS

0.00289

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-5949
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5949
CVE Details	https://www.cvedetails.com/cve/CVE-2012-5949/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!