{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-02-20T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "ibm-cognos-cve20136732-xss(89394)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89394"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662856"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2013-6732", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ibm-cognos-cve20136732-xss(89394)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89394"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21662856", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662856"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T17:46:22.832Z"}, "title": "CVE Program Container", "references": [{"name": "ibm-cognos-cve20136732-xss(89394)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89394"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662856"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2013-6732", "datePublished": "2014-02-22T21:00:00.000Z", "dateReserved": "2013-11-08T00:00:00.000Z", "dateUpdated": "2024-08-06T17:46:22.832Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:cognos_business_intelligence:8.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B76A06D-761D-4CFE-A9E6-FC5A1F726CF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_business_intelligence:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "519B7097-7E46-4520-B9F9-A85E13A0F9CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_business_intelligence:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B00BAD84-4BB6-41ED-835E-86AB150716D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_business_intelligence:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "6588FEE1-5A6F-4ED6-998A-B8CF54954F5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDA8132D-A09E-4D4C-9A5D-D708010CCFFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cognos_business_intelligence:10.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7CCBB0AE-ECD1-4192-B1BB-18439A4CF7B9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter."}, {"lang": "es", "value": "Una vulnerabilidad de tipo cross-site scripting (XSS) en el servidor en Cognos Business Intelligence (BI) de IBM versi\u00f3n 8.4.1, versi\u00f3n 10.1 anterior a IF6, versi\u00f3n 10.1.1 anterior a IF5, versi\u00f3n 10.2 anterior a IF7, versi\u00f3n 10.2.1 anterior a IF4 y versi\u00f3n 10.2.1.1 anterior a IF4, permita a los atacantes remotos inyectar script web o HTML arbitrario por medio de un par\u00e1metro no especificado."}], "id": "CVE-2013-6732", "lastModified": "2026-04-29T01:13:23.040", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-02-22T21:55:04.657", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662856"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89394"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21662856"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89394"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}