Unrated severityNVD Advisory· Published Apr 18, 2025· Updated Aug 28, 2025
IBM i improper HTTP header neutralization
CVE-2025-2950
Description
IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated user can manipulate the host header in HTTP requests to change domain/IP address which may lead to unexpected behavior.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
1- www.ibm.com/support/pages/node/7231320mitrevendor-advisorypatch
News mentions
0No linked articles in our index yet.