IBM Planning Analytics Local
Moderate fix2 remedies
cpe:2.3:a:ibm:planning_analytics_local:*:*:*:*:*:*:*
Moderate fix2 remedies
- >= 2.1.0, <= 2.1.13
- >= 2.0.0, <= 2.0.106
IBM Planning Analytics Local Cross-Site Scripting Vulnerability
Vulnerability
Patched
A cross-site scripting vulnerability has been identified in IBM Planning Analytics Local versions 2.0.0 prior to 2.0.106 and 2.1.0 prior to 2.1.13. This vulnerability allows authenticated users to inject arbitrary JavaScript into the Web UI, potentially altering functionality and leading to credential disclosure within a trusted session.
Impact
Exploitation of this vulnerability could result in cross-site scripting, allowing for the injection of malicious scripts that could be executed in the context of the user's session.
Remediation
Users are advised to upgrade to IBM Planning Analytics Local version 2.1.14 or version 2.0.107. Instructions for downloading these versions are available on Fix Central.
Added: Sep 30, 2025, 8:19 PM
Updated: Sep 30, 2025, 8:19 PM
Vulnerability Rating
Custom Algorithm
spread
0.8impact
3.5exploitability
5.0remediation
7.7relevance
0.6threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.