IBM PowerSC HTML injection
Description
IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM PowerSC versions 1.3, 2.0, and 2.1 are vulnerable to HTML injection, allowing a remote attacker to inject malicious HTML that executes in the victim's browser.
Vulnerability
IBM PowerSC versions 1.3, 2.0, and 2.1 are vulnerable to HTML injection [1]. An attacker can inject malicious HTML code that, when viewed by a victim, executes within the security context of the hosting site.
Exploitation
The attacker requires no authentication and can exploit the vulnerability over the network [1]. The attack relies on user interaction, as the victim must view the injected content (e.g., via a crafted link) [1].
Impact
Successful exploitation allows the attacker to inject arbitrary HTML, potentially leading to disclosure of sensitive information or modification of content within the browser's security context [1]. The CVSS base score is 6.1, indicating medium severity [1].
Mitigation
IBM has not yet released a fix for this vulnerability in the available references [1]. Users should monitor the IBM support page for updates and apply security patches when available.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.ibm.com/support/pages/node/7113759mitrevendor-advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/275113mitrevdb-entry
News mentions
0No linked articles in our index yet.