IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7242869 |
![]() ![]() |
History
Fri, 22 Aug 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |
Title | IBM QRadar SIEM cross-site scripting | |
First Time appeared |
Ibm
Ibm qradar Security Information And Event Manager |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:* cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm qradar Security Information And Event Manager |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-08-22T15:05:10.392Z
Reserved: 2025-04-15T21:16:10.568Z
Link: CVE-2025-36042

Updated: 2025-08-22T15:05:04.274Z

Status : Awaiting Analysis
Published: 2025-08-22T15:15:32.483
Modified: 2025-08-22T18:08:51.663
Link: CVE-2025-36042

No data.

No data.