Medium severity5.4NVD Advisory· Published May 26, 2026· Updated Jun 1, 2026
CVE-2025-36148
CVE-2025-36148
Description
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial Transaction Manager SWIFT is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:ibm:financial_transaction_manager_for_multiplatform:*:*:*:*:*:swift_services:*:*+ 1 more
- cpe:2.3:a:ibm:financial_transaction_manager_for_multiplatform:*:*:*:*:*:swift_services:*:*range: >=3.2.4.0,<3.2.4.16
- (no CPE)range: >=3.2.4.0, <=3.2.4.15
Patches
Vulnerability mechanics
References
1- www.ibm.com/support/pages/node/7272275nvdVendor Advisory
News mentions
0No linked articles in our index yet.