Cross-Site Scripting Vulnerability in IBM ApplinX 11.1
CVE-2024-49791

6.4MEDIUM

Key Information:

Vendor

IBM
Status
Applinx
Vendor
CVE Published:
6 February 2025

What is CVE-2024-49791?

IBM ApplinX 11.1 contains a cross-site scripting (XSS) vulnerability which allows an authenticated user to inject arbitrary JavaScript code into the web interface. This can compromise the intended functionality of the application, potentially resulting in unauthorized access to sensitive information, such as user credentials, during a trusted session.

Affected Version(s)

ApplinX 11.1

References

https://www.ibm.com/support/pages/node/7182522
vendor-advisory

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

.