Unrated severityNVD Advisory· Published Nov 20, 2025· Updated Nov 20, 2025
IBM Concert Cross-Site Scripting
CVE-2025-36153
Description
IBM Concert 1.0.0 through 2.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- www.ibm.com/support/pages/node/7252019mitrevendor-advisorypatch
News mentions
0No linked articles in our index yet.