CNNVD-202509-605 Information

CNNVD ID

CNNVD-202509-605

Related CVE

CVE-2024-43184

• CNNVD Published: 2025-09-04

Description (Chinese)

IBM Jazz Foundation是美国国际商业机器（IBM）公司的一个面向软件交付技术的下一代协作平台。 IBM Jazz Foundation 7.0.2 iFix033及之前版本、7.0.3 iFix012及之前版本和7.1.0 iFix002及之前版本存在跨站脚本漏洞，该漏洞源于容易受到跨站脚本攻击，可能导致凭据泄露。

Description (English)

IBM Jazz Foundation is a next-generation collaborative platform for software delivery technology for the United States International Business Machine (IBM). The IBM Jazz Foundation 7.2 iFix03 and previous versions, 7.0.3 iFix012 and 7.1.iFix002 and previous versions have a cross-site script loophole, which arises out of their vulnerability to cross-site script attacks and may lead to the disclosure of evidence.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

国际商业机器

Published

2025-09-04

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7244013

Patch

https://www.ibm.com/support/pages/node/7244013