IBM Cognos Controller is a business intelligence and planning solution from IBM Corporation. The product has features such as process automation, financial audit control, and the creation and management of financial reports.IBM Cognos Controller has an XML external entity injection vulnerability that stems from the product’s failure to properly filter special characters in XML data, which could be exploited by an attacker to obtain sensitive information or consume memory resources.