CVE-2012-5948
IBM Tririga Application Platform - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) WebProcess.srv, (2) the html/en/default/ directory, (3) Widget/resource, (4) birt/frameset, or (5) ganttlib/gantt-jws.jnlp.
Scores
EPSS
0.0024
EPSS Percentile
46.3%
Details
CWE
CWE-79
Status
published
Products (10)
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
n/a/n/a
Published
Apr 23, 2013
Tracked Since
Feb 18, 2026