PT-2023-1798 · IBM · IBM InfoSphere Information Server

Published: 2023-02-20 · Updated: 2023-03-02 · CVE-2023-25928

CVSS v2.0: 5.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

IBM InfoSphere Information Server version 11.7

Description

The issue is a cross-site scripting vulnerability in the web interface of the platform that an attacker can exploit to execute arbitrary JavaScript code, potentially leading to credentials disclosure within a trusted session. The vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality.

Recommendations

For IBM InfoSphere Information Server version 11.7, consider disabling the web interface or restricting access to it until a patch is available, to prevent potential exploitation of the cross-site scripting vulnerability.

Fix

XSS

Weakness Enumeration

Related Identifiers

BDU:2023-01394
CVE-2023-25928

Affected Products

IBM InfoSphere Information Server