PT-2025-36934 · Ibm · Ibm Hardware Management Console - Power
Alexandru Copaceanu
·
Published
2025-09-09
·
Updated
2025-09-17
·
CVE-2025-36125
CVSS v3.1
6.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
IBM Hardware Management Console - Power versions 10.3.1050.0 and 11.1.1110.0
Description:
The IBM Hardware Management Console - Power is susceptible to a stored cross-site scripting issue. An authenticated user can inject arbitrary JavaScript code into the Web UI, potentially modifying the intended functionality and leading to credentials disclosure within a trusted session.
Recommendations:
For versions 10.3.1050.0 and 11.1.1110.0, sanitize all user inputs to prevent the injection of malicious scripts.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Hardware Management Console - Power