CNNVD-202509-2872 Information
Sep 18, 2025
cve
CNNVD ID
CNNVD-202509-2872
Related CVE
- CNNVD Published: 2025-09-18
Description (Chinese)
IBM Watsonx.data是美国国际商业机器(IBM)公司的一款开放式数据湖仓平台。 IBM Watsonx.data 2.2版本存在跨站脚本漏洞,该漏洞源于特权用户可在Web UI中嵌入任意JavaScript代码,可能导致存储型跨站脚本攻击和凭据泄露。
Description (English)
IBM Watsonx.data is an open-data lake platform of the United States International Business Machine (IBM). Version 2.2 of IBM Watsonx.data has a cross-site script loophole, which stems from the privileged user ’ s ability to embed any JavaScript code in Web UI, which could lead to storage-type cross-site script attacks and leaks.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
ICEcoder
Published
2025-09-18
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7245387
Patch
https://www.ibm.com/support/pages/node/7245387
Share on: