PT-2025-8703 · Ibm · Ibm Cloud Pak For Data
Published
2025-02-26
·
Updated
2025-08-08
·
CVE-2025-0719
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Cloud Pak for Data versions 4.0.0 through 4.8.5
IBM Cloud Pak for Data version 5.0.0
Description
The issue allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
Recommendations
For IBM Cloud Pak for Data versions 4.0.0 through 4.8.5, update to a version that includes the fix for this issue.
For IBM Cloud Pak for Data version 5.0.0, update to a version that includes the fix for this issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Cloud Pak For Data