CVE-2024-49343 Information

Description

IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code which when viewed would be executed in the victim’s Web browser within the security context of the hosting site.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Reference

https://www.ibm.com/support/pages/node/7240777

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

5.4

Related CNNVD

CNNVD-202507-3526 (Published: 2025-07-28)