Stored Cross-Site Scripting in IBM QRadar SIEM Web Interface
CVE-2025-33118

5.4MEDIUM

Key Information:

Vendor: IBM
Status: Qradar Siem
Vendor: CVE Published:; 1 August 2025

What is CVE-2025-33118?

IBM QRadar SIEM versions 7.5 through 7.5.0 Update Pack 12 are susceptible to a stored cross-site scripting vulnerability. This security issue enables authenticated users to inject arbitrary JavaScript code into the Web UI, which can modify the user interface's intended behavior. Such manipulation poses significant risks, including the potential for credential disclosure within a trusted session, thereby compromising user security.

Affected Version(s)

QRadar SIEM 7.5 <= 7.5.0 Update Pack 12

References

https://www.ibm.com/support/pages/node/7241303

vendor-advisorypatch

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 1, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak