Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-36088

Опубликовано: 15 авг. 2025
Источник: nvd
CVSS3: 5.4
EPSS Низкий

Описание

IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:ibm:storage_ts4500_library_firmware:1.10.00-f00:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storage_ts4500_library_firmware:1.11.0.0-d00:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storage_ts4500_library_firmware:1.11.0.1-c00:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storage_ts4500_library_firmware:1.11.0.2-c00:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storage_ts4500_library:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:o:ibm:diamondback_tape_library_firmware:2.11.0.0-b00:*:*:*:*:*:*:*
cpe:2.3:o:ibm:diamondback_tape_library_firmware:2.11.0.1-c00:*:*:*:*:*:*:*
cpe:2.3:o:ibm:diamondback_tape_library_firmware:2.11.0.2-b00:*:*:*:*:*:*:*
cpe:2.3:o:ibm:diamondback_tape_library_firmware:2.11.0.4-c00:*:*:*:*:*:*:*
cpe:2.3:h:ibm:diamondback_tape_library:-:*:*:*:*:*:*:*

EPSS

Процентиль: 4%
0.00019
Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-vp42-pg8c-cjvw

CVSS3: 5.4
github
6 месяцев назад

IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

EPSS

Процентиль: 4%
0.00019
Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79