CNNVD-202511-1366 Information

CNNVD ID

CNNVD-202511-1366

Related CVE

CVE-2025-36223

• CNNVD Published: 2025-11-12

Description (Chinese)

IBM OpenPages是美国国际商业机器（IBM）公司的一个由 AI 驱动、高度可扩展的管治、风险与合规 (GRC) 解决方案。 IBM OpenPages 9.0版本和9.1版本存在安全漏洞，该漏洞源于HOST标头输入验证不当，可能导致跨站脚本、缓存投毒或会话劫持攻击。

Description (English)

IBM OpenPages is an IBM-driven, highly scalable governance, risk and compliance (GRC) solution. IBM OpenPages version 9.0 and version 9.1 have a security loophole, which stems from inadequate HOST header input validation and may lead to cross-site scripts, caches of poisons or hijacking attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2025-11-12

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7250239 https://access.redhat.com/security/cve/cve-2025-36223

Patch

https://www.ibm.com/support/pages/node/7250239