Input Validation Flaw in IBM OpenPages with Watson Affects User Data Integrity
CVE-2025-27367
5.3MEDIUM
What is CVE-2025-27367?
IBM OpenPages with Watson versions 8.3 and 9.0 contain an improper input validation vulnerability that allows an authenticated user to bypass client-side validation. This issue arises when the application fails to enforce required data fields for Governance, Risk Management, and Compliance (GRC) objects. Malicious actors can exploit this flaw by sending specially crafted payloads to the server, enabling them to save data without fulfilling the required field constraints, potentially leading to data integrity issues.
Affected Version(s)
OpenPages with Watson 8.3, 9.0