Volerion logoVolerion
Volerion logoVolerion

IBM Planning Analytics Local Cross-Site Scripting Vulnerability

Vulnerability

A cross-site scripting vulnerability has been identified in IBM Planning Analytics Local versions 2.0 and 2.1. This issue allows authenticated users to inject arbitrary JavaScript into the Web UI, potentially altering functionality and leading to credential disclosure within a trusted session.

Impact

Exploitation of this vulnerability could result in cross-site scripting, allowing for the injection of malicious scripts that could be executed in the context of the user's session.

Remediation

Users are advised to upgrade to IBM Planning Analytics Local version 2.1.11 or version 2.0: Planning Analytics Workspace Release 104. Instructions for downloading these versions are available on Fix Central.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
0.8
impact
3.5
exploitability
5.0
remediation
7.7
relevance
0.2
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.