CVE-2025-27367

Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0

Description: The issue is related to improper input validation. This occurs due to the bypassing of client-side validation for data types and the requiredness of fields for GRC Objects. When an authenticated user sends a specially crafted payload to the server, it allows data to be saved without storing the required fields.

Recommendations: For IBM OpenPages with Watson versions 8.3 through 9.0, consider implementing server-side validation to ensure that all required fields for GRC Objects are properly stored and validated before saving data to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.