CNNVD-202511-2289 Information

CNNVD ID

CNNVD-202511-2289

Related CVE

CVE-2025-36153

• CNNVD Published: 2025-11-20

Description (Chinese)

IBM Concert是美国国际商业机器（IBM）公司的一种新工具。使用生成式 AI 来帮助管理复杂的云原生应用程序。 IBM Concert 1.0.0版本至2.0.0版本存在跨站脚本漏洞，该漏洞源于跨站脚本攻击，可能导致凭据泄露。

Description (English)

IBM Concert is a new tool for IBM. Use the Generating AI to help manage complex cloud raw applications. The IBM Concert 1.0.0 to 2.0.0 has a cross-site script loophole, which originates from a cross-site script attack and may lead to a leak of evidence.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

国际商业机器

Published

2025-11-20

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7252019 https://access.redhat.com/security/cve/cve-2025-36153

Patch

https://www.ibm.com/support/pages/node/7252019