Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x prior to 3.3, and 8, allow remote malicious users to inject content, and conduct phishing attacks, via vectors involving (1) the html/en/default/ directory, (2) birt/frameset, (3) WebProcess.srv, (4) sqa/html/en/default/reportTemplate/reportTemplateOrderCols.jsp, or (5) a/html/en/default/om2/omObjectFinder.jsp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm tririga application platform 3.2 |
||
ibm tririga application platform 2.1 |
||
ibm tririga application platform 8.0 |
||
ibm tririga application platform 3.0 |
||
ibm tririga application platform 2.7 |
||
ibm tririga application platform 2.6 |
||
ibm tririga application platform 2.5 |
||
ibm tririga application platform 3.2.1 |
||
ibm tririga application platform 3.1 |