CVE-2025-33138

Name of the Vulnerable Software and Affected Versions IBM Aspera Faspex versions 5.0.0 through 5.0.12

Description The issue allows a remote attacker to inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. This is a result of an HTML injection flaw.

Recommendations For IBM Aspera Faspex versions 5.0.0 through 5.0.12, update to a version that fixes the HTML injection issue to prevent malicious code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.