IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session
History

Wed, 09 Jul 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 08 Jul 2025 18:45:00 +0000

Type Values Removed Values Added
Description IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session
Title IBM OpenPages with Watson cross-site scripting
First Time appeared Ibm
Ibm openpages With Watson
Weaknesses CWE-79
CPEs cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm openpages With Watson
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2025-07-08T18:25:54.730Z

Updated: 2025-07-09T13:36:08.289Z

Reserved: 2023-09-15T01:12:19.597Z

Link: CVE-2023-43039

cve-icon Vulnrichment

Updated: 2025-07-09T13:36:04.244Z

cve-icon NVD

Status : Received

Published: 2025-07-08T19:15:24.763

Modified: 2025-07-08T19:15:24.763

Link: CVE-2023-43039

cve-icon Redhat

No data.