Cross-Site Scripting Vulnerability in IBM TXSeries for Multiplatforms
CVE-2024-56475

5.4MEDIUM

Key Information:

Vendor: IBM
Status: Txseries For Multiplatforms
Vendor: CVE Published:; 2 April 2025

Summary

IBM TXSeries for Multiplatforms versions 9.1 and 11.1 are affected by a cross-site scripting vulnerability that allows authenticated users to inject arbitrary JavaScript code into the Web UI. This action can alter the expected behavior of the application, potentially leading to unauthorized disclosure of sensitive credentials within a trusted session, exposing users to various security risks.

Affected Version(s)

TXSeries for Multiplatforms 9.1, 11.1

References

https://www.ibm.com/support/pages/node/7229880

vendor-advisory

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 2, 2025
Vulnerability Reserved
Dec 26, 2024