6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
46.8%
IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows remote authenticated users to conduct XPath injection attacks, and read arbitrary XML files, via unspecified vectors.
www-01.ibm.com/support/docview.wss?uid=swg21626697
www-01.ibm.com/support/docview.wss?uid=swg24034373
exchange.xforce.ibmcloud.com/vulnerabilities/78919