CVE-2022-39163
published 2025-03-26CVE-2022-39163: IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser…
medium4.7CVSS 3.1
AVNACHPRNUIRSCCLILAN
IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser connection that could lead to further cross-site scripting (XSS) attacks.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | cognos_controller | 11.0.0 – 11.0.1 | — |
| ibm | controller | — | — |