CNNVD-202509-4271 Information

CNNVD ID

CNNVD-202509-4271

Related CVE

CVE-2025-36239

• CNNVD Published: 2025-09-27

Description (Chinese)

IBM Storage TS4500 Library是美国国际商业机器（IBM）公司的一个磁带库系统。 IBM Storage TS4500 Library 1.11.0.0版本和2.11.0.0版本存在跨站脚本漏洞，该漏洞源于未经验证的攻击者可在Web UI中嵌入任意JavaScript代码，可能导致凭据泄露。

Description (English)

IBM Storage TS 4500 Library is a tape bank system of IBM. The IBM Storage TS 4500 Library 1.11.0 and 2.11.0.0 have a cross-site script loophole, which stems from the fact that unverified assailants can embed any JavaScript code in Web UI, which could lead to a leak of evidence.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

国际商业机器

Published

2025-09-27

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7246246 https://access.redhat.com/security/cve/cve-2025-36239

Patch

https://www.ibm.com/support/pages/node/7246246