PT-2026-53975 · Ibm · Watsonx.Data Intelligence
Published
2026-06-30
·
Updated
2026-06-30
·
CVE-2025-36320
CVSS v3.1
6.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM watsonx.data intelligence versions 5.2.0 through 5.3.0
Description
An issue exists where an authenticated user can embed arbitrary JavaScript code into the Web UI. This stored cross-site scripting (XSS) allows for the alteration of intended functionality, which could potentially lead to the disclosure of credentials within a trusted session.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Watsonx.Data Intelligence