CNNVD-202601-3210 Information
CNNVD ID
CNNVD-202601-3210
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
IBM Application Gateway是美国国际商业机器(IBM)公司的一个应用网关。提供了一个容器化的安全 Web 反向代理,该代理旨在位于您的应用程序之前,为您的应用程序无缝添加身份验证和授权保护。 IBM Application Gateway 23.10版本至25.09版本存在安全漏洞,该漏洞源于远程攻击者可注入恶意HTML代码,可能导致在受害者浏览器中执行。
Description (English)
IBM Application Gateway is an application gateway for IBM. A secure web reverse agent for containerization is provided, which is intended to be located in front of your application and to add seamless authentication and authorization protection to your application. IBM Application Gateway 23.10 to 25.09 contains a security loophole, which stems from the fact that remote assailants can inject malicious HTML codes, which may lead to implementation in the victim browser.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2026-01-20
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7256857
Patch
https://www.ibm.com/products/application-gateway
Share on: