CNNVD-202512-4836 Information

CNNVD ID

CNNVD-202512-4836

Related CVE

CVE-2025-36230

• CNNVD Published: 2025-12-26

Description (Chinese)

IBM Aspera Faspex是美国国际商业机器（IBM）公司的一种用于快速的全球个人对个人文件交付和协作的解决方案。 IBM Aspera Faspex 5 5.0.14.1及之前版本存在安全漏洞，该漏洞源于远程攻击者可注入恶意HTML代码，可能导致在受害者浏览器中执行。

Description (English)

IBM Aspera Faspex is a solution for fast-tracking individual-to-personal document delivery and collaboration by the United States International Business Machine (IBM). IBM Aspera Faspex 5 5.0.14.1 and previous versions have a security loophole, which stems from the fact that long-range assailants can inject malicious HTML code, which may lead to implementation in the victim browser.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2025-12-26

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7255331 https://access.redhat.com/security/cve/cve-2025-36230

Patch

https://www.ibm.com/support/pages/node/7255331