{“lastseen”:””,”description”:”IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034,\u00a07.0.3 to 7.0.3 iFix016, and\u00a07.1.0 to 7.1.0 iFix004) is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.”,”published”:”2025-10-07T17:50:00.512Z”,”modified”:”2025-10-07T18:15:35.175Z”,”type”:”cve”,”title”:”IBM Jazz Foundation cross-site scripting”,”source”:”ibm”,”references”:”https:\/\/www.ibm.com\/support\/pages\/node\/7247292″,”id”:”CVE-2025-1826″,”bulletinFamily”:””,”cwe”:[“CWE-79″],”cvelist”:null,”sourceData”:”IBM Jazz Foundation 7.0.2\\nIBM Jazz Foundation 7.0.3\\nIBM Jazz Foundation 7.1.0″,”sourceHref”:””,”cvss”:{“score”:5.4,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:C\/C:L\/I:L\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Jazz Foundation”,”version”:”7.0.2″,”vendor”:”IBM”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034,\u00a07.0.3 to 7.0.3 iFix016, and\u00a07.1.0 to 7.1.0 iFix004) is vulnerable to stored cross-site…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,82,12,21,13,7,11,5],"class_list":["post-20530","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-54","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n