CNNVD-202509-050 Information

CNNVD ID

CNNVD-202509-050

Related CVE

CVE-2025-0656

• CNNVD Published: 2025-09-01

Description (Chinese)

IBM Concert Software是美国国际商业机器（IBM）公司的一个应用生命周期风险识别软件。 IBM Concert Software 1.0.0至1.1.0版本存在跨站脚本漏洞，该漏洞源于容易受到跨站脚本攻击，可能导致凭据泄露。

Description (English)

IBM Concert Software is an application life-cycle risk identification software for IBM. Versions 1.0.0 to 1.1.0 of IBM Concert Software contain a cross-site script loophole, which stems from its vulnerability to cross-site script attacks and may lead to the disclosure of evidence.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

国际商业机器

Published

2025-09-01

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7243699 https://nvd.nist.gov/vuln/detail/CVE-2025-0656 https://access.redhat.com/security/cve/cve-2025-0656

Patch

https://www.ibm.com/support/pages/node/7243699