CNNVD-202509-049 Information

CNNVD ID

CNNVD-202509-049

Related CVE

CVE-2025-33083

• CNNVD Published: 2025-09-01

Description (Chinese)

IBM Concert Software是美国国际商业机器（IBM）公司的一个应用生命周期风险识别软件。 IBM Concert Software 1.0.0至1.1.0版本存在跨站脚本漏洞，该漏洞源于跨站脚本攻击，可能导致凭据泄露。

Description (English)

IBM Concert Software is an application life-cycle risk identification software for IBM. Versions 1.0.0 to 1.1.0 of IBM Concert Software contain a cross-site script loophole, which originates from a cross-site script attack and could lead to a leak of evidence.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

国际商业机器

Published

2025-09-01

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7243699 https://access.redhat.com/security/cve/cve-2025-33083 https://nvd.nist.gov/vuln/detail/CVE-2025-33083

Patch

https://www.ibm.com/support/pages/node/7243699