CNNVD-202508-3337 Information

CNNVD ID

CNNVD-202508-3337

Related CVE

CVE-2024-49790

• CNNVD Published: 2025-08-28

Description (Chinese)

IBM Watson Studio on Cloud Pak for Data是美国国际商业机器（IBM）公司的一个智慧型搜寻与文字分析平台。 IBM Watson Studio on Cloud Pak for Data 4.0版本和5.0版本存在跨站脚本漏洞，该漏洞源于允许嵌入任意JavaScript代码，可能导致凭据泄露。

Description (English)

IBM Watson Studio on Cloud Pak for Data is an intelligent search and text analysis platform for IBM. IBM Watson Studio on Cloud Pak for Data 4.0 and 5.0 had a cross-site script loophole, which stemmed from allowing the embedding of any JavaScript code and could lead to a leak of evidence.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

国际商业机器

Published

2025-08-28

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7243389 https://nvd.nist.gov/vuln/detail/CVE-2024-49790

Patch

https://www.ibm.com/support/pages/node/7243389