CVE-2023-38007

CVSS v2.0

5.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak System versions 2.3.3.6 through 2.3.5.0

Description: A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. This issue is related to HTML injection.

Recommendations: For IBM Cloud Pak System versions 2.3.3.6 through 2.3.5.0, update to a version that includes the fix for this issue to prevent HTML injection attacks.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-80CWE-79

Related Identifiers

BDU:2025-09843

CVE-2023-38007

Affected Products

Ibm Cloud Pak System

CVE-2023-38007

Weakness Enumeration

Related Identifiers

Affected Products

References · 8