CVE-2012-0696
IBM Cognos TM1 <9.5 FP1 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in the Executive Viewer (EV) in IBM Cognos TM1 before 9.5 FP1 allow remote attackers to inject arbitrary web script or HTML via unspecified requests to (1) aspnet_client or (2) evserver/createcontrol.js.
References (7)
Scores
EPSS
0.0046
EPSS Percentile
64.0%
Classification
CWE
CWE-79
Status
published
Affected Products (5)
ibm/cognos_executive_viewer
ibm/cognos_tm1
< 9.4.1.3
ibm/cognos_tm1
ibm/cognos_tm1
n/a/n/a
Timeline
Published
Jan 13, 2012
Tracked Since
Feb 18, 2026