IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7243699 |
![]() ![]() |
History
Mon, 01 Sep 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |
Title | IBM Concert Software cross-site scripting | |
First Time appeared |
Ibm
Ibm concert |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:concert:1.1.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm concert |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-09-01T14:23:54.041Z
Reserved: 2025-01-22T18:20:01.761Z
Link: CVE-2025-0656

No data.

Status : Received
Published: 2025-09-01T15:15:33.593
Modified: 2025-09-01T15:15:33.593
Link: CVE-2025-0656

No data.

No data.