CNNVD-202509-4438 Information
Sep 30, 2025
cve
CNNVD ID
CNNVD-202509-4438
Related CVE
- CNNVD Published: 2025-09-30
Description (Chinese)
IBM Planning Analytics Local是美国国际商业机器(IBM)公司的一个基于网络的本地架构。 IBM Planning Analytics Local 2.0.0版本至2.0.106版本和2.1.0版本至2.1.13版本存在跨站脚本漏洞,该漏洞源于允许经过身份验证的用户在Web UI中嵌入任意JavaScript代码,可能导致凭据泄露。
Description (English)
IBM Planning Analytics Local is a web-based local structure of the United States International Business Machine (IBM). There is a cross-site script loophole between IBM Planning Analyticals Version 2.0.0 and Versions 2.0.106 and 2.1.0 to 2.1.13, which results from allowing any JavaScript code to be embedded in Web UI by an identified user, which may lead to a leaking of evidence.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
国际商业机器
Published
2025-09-30
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7246602
Patch
https://www.ibm.com/support/pages/node/7246602
Share on: