Lucene search
China National Vulnerability DatabaseCNVD-2023-41893HistoryMay 17, 2023 - 12:00 a.m.
IBM Planning Analytics Cross-Site Scripting Vulnerability (CNVD-2023-41893)
2023-05-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
ibm
planning analytics
cross-site scripting
vulnerability
local solution
user-supplied data
attacker
web script
html
payload
0.001 Low
EPSS
Percentile
19.4%
IBM Planning Analytics is a suite of business planning analytics solutions from International Business Machines (IBM). The solution supports automated execution of processes such as business planning, budgeting and analysis. A cross-site scripting vulnerability exists in IBM Planning Analytics Local, which stems from the application’s lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm ibm planning analytics local | eq | 2.0.0 |
Related
prion
prion
Cross site scripting
2023-05-12 02:15:00
cve
cve
CVE-2023-28520
2023-05-12 02:15:09
ibm
ibm
nvd
nvd
CVE-2023-28520
2023-05-12 02:15:09
cvelist
cvelist
CVE-2023-28520 IBM Planning Analytics Local cross-site scripting
2023-05-12 01:11:55