CVE-2014-6145 Information

Description

Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence 10.1 before IF10 10.1.1 before IF9 10.2 before IF11 10.2.1 before IF8 and 10.2.1.1 before IF7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21692267 https://exchange.xforce.ibmcloud.com/vulnerabilities/96915