Stored Cross-Site Scripting Vulnerability in IBM Security Guardium
CVE-2025-3440
5.5MEDIUM
What is CVE-2025-3440?
IBM Security Guardium version 11.5 has a vulnerability that allows a privileged user to inject arbitrary JavaScript into the Web UI. This stored cross-site scripting flaw can significantly compromise the integrity of user sessions by enabling attackers to disclose sensitive credentials within a trusted environment. Implementing the necessary security measures is essential to mitigate the risk associated with this vulnerability.
Affected Version(s)
Security Guardium 11.5