PT-2025-35089 · Ibm · Ibm Watson Studio+1
Published
2025-08-28
·
Updated
2025-08-29
·
CVE-2024-49790
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Watson Studio on Cloud Pak for Data versions 4.0 through 5.0
Description
IBM Watson Studio on Cloud Pak for Data is susceptible to a cross-site scripting issue. An authenticated user can inject arbitrary JavaScript code into the Web UI, potentially modifying the intended functionality and leading to credentials disclosure within a trusted session.
Recommendations
IBM Watson Studio on Cloud Pak for Data version 4.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
IBM Watson Studio on Cloud Pak for Data version 5.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cloud Pak For Data
Ibm Watson Studio