VYPR
Unrated severityNVD Advisory· Published Oct 27, 2025· Updated Oct 27, 2025

IBM QRadar SIEM cross-site scripting

CVE-2025-36138

Description

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/QRadar SIEMllm-fuzzy2 versions
    >=7.5, <=7.5.0.13 (Update Pack 13 Independent Fix 02)+ 1 more
    • (no CPE)range: >=7.5, <=7.5.0.13 (Update Pack 13 Independent Fix 02)
    • (no CPE)range: 7.5.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.