PT-2025-46719 · IBM · IBM OpenPages
Published 2025-11-11 · Updated 2025-11-18
CVE-2025-36223
CVSS v2.0: 6.4 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM OpenPages versions 9.0 through 9.1
Description
IBM OpenPages versions 9.0 and 9.1 are susceptible to HTTP header injection due to insufficient validation of the HOST headers. This could enable an attacker to perform various attacks against the system, including cross-site scripting, cache poisoning, or session hijacking.
Recommendations
Apply appropriate input validation to the HOST headers in IBM OpenPages versions 9.0 and 9.1.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
IBM OpenPages