CVE-2012-5949

IBM Tririga Application Platform - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to inject content, and conduct phishing attacks, via vectors involving (1) the html/en/default/ directory, (2) birt/frameset, (3) WebProcess.srv, (4) sqa/html/en/default/reportTemplate/reportTemplateOrderCols.jsp, or (5) a/html/en/default/om2/omObjectFinder.jsp.

References (3)

Scores

EPSS 0.0029
EPSS Percentile 52.1%

Details

CWE
CWE-79
Status published
Products (10)
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
ibm/tririga_application_platform
n/a/n/a
Published Apr 23, 2013
Tracked Since Feb 18, 2026