CVE-2025-36000

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server Liberty versions 17.0.0.3 through 25.0.0.8

Description: IBM WebSphere Application Server Liberty is susceptible to stored cross-site scripting. A privileged user can embed arbitrary JavaScript code into the Web UI, potentially altering intended functionality and leading to credentials disclosure within a trusted session.

Recommendations: For versions prior to 17.0.0.3 and 25.0.0.9, there is no information about a newer version that contains a fix for this vulnerability.