IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
History

Mon, 01 Sep 2025 14:45:00 +0000

Type Values Removed Values Added
Description IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Title IBM Concert Software cross-site scripting
First Time appeared Ibm
Ibm concert
Weaknesses CWE-79
CPEs cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:concert:1.1.0:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm concert
References
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2025-09-01T14:22:14.739Z

Reserved: 2025-04-15T17:50:20.369Z

Link: CVE-2025-33083

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-09-01T15:15:34.640

Modified: 2025-09-01T15:15:34.640

Link: CVE-2025-33083

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.