IBM QRadar SIEM cross-site scripting

August 1, 2025 invoker category_cve

CVE Details

Basic Information

Title IBM QRadar SIEM cross-site scripting
Type cve
Published 2025-08-01T17:21:16.808Z
Modified 2025-08-01T17:34:02.243Z

Product Information

Vendor IBM
Product QRadar SIEM
Version 7.5

CVSS Information

Base Score 6.4 (MEDIUM)
Attack Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Affected Products

  • IBM QRadar SIEM 7.5

Additional Information

CWE List CWE-79
Source ibm

Description

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.