CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Description (NVD)
IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Analysis (AI)
Stored cross-site scripting in IBM Aspera Shares 1.9.9 through 1.11.0 allows authenticated high-privilege users to inject arbitrary JavaScript into the Web UI, potentially enabling credential theft or session hijacking within trusted browser sessions. The CVSS score of 5.5 reflects the elevated-privilege requirement (PR:H) offset by the changed scope (S:C), since injected script runs in other users' browsers; no public exploit or active exploitation has been confirmed.
Technical Context (AI)
IBM Aspera Shares is a web-based file collaboration platform. The vulnerability stems from insufficient sanitization of user-controllable input that the Web UI application layer persists. Stored XSS vulnerabilities (CWE-79 class) occur when user-supplied data is written to a backend store (database, configuration, filesystem) and later rendered in a browser without proper output encoding. This differs from reflected XSS in that the malicious payload is re-executed for every user who views the affected content, making it persistent across sessions. The attack vector is network-based with low complexity; however, exploitation requires a high-privilege user role (PR:H in the CVSS vector), which significantly narrows the attack surface compared to unauthenticated XSS. The resulting impact is a loss of confidentiality and integrity (credential disclosure, altered functionality) for users of the Web application.
Remediation (AI)
Upgrade IBM Aspera Shares to a version released after 1.11.0 that includes the stored XSS fix; consult IBM's support page at https://www.ibm.com/support/pages/node/7267848 for the exact patched version number and deployment instructions. If an immediate upgrade is not possible, restrict administrative and high-privilege accounts to trusted networks via firewall rules or VPN, enforce multi-factor authentication on privileged accounts, and monitor Web UI input fields for suspicious JavaScript patterns. Apply the official patch from IBM as soon as it is available for your deployment model (on-premises or SaaS), and review the same IBM advisory for version-specific guidance and rollback procedures if needed.
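To illustrate the persisted-then-rendered pattern from the Technical Context section and the two defensive measures the Remediation section names (render-time output encoding and review of stored fields for script-like content), here is an added Python example; it is not Aspera Shares code, and the in-memory store, record ids and sample values are constructed for the demonstration.

```python
import html
import re

# Constructed in-memory "backend store" standing in for the database a Web UI
# writes user-controlled fields (display names, share titles, comments) to.
STORE = {}

def store_field(record_id, value):
    """Persist a user-supplied value exactly as received; storage is not where XSS is fixed."""
    STORE[record_id] = value

def render_vulnerable(record_id):
    """Stored-XSS pattern: the persisted value is concatenated straight into HTML."""
    return '<td class="name">' + STORE[record_id] + "</td>"

def render_hardened(record_id):
    """Contextual output encoding at render time: <, >, & and both quote characters
    are escaped, so the value can neither open a tag nor break out of an attribute."""
    return '<td class="name">' + html.escape(STORE[record_id], quote=True) + "</td>"

# Coarse review-aid pattern (assumption: tuned for triage, not for blocking input):
# tag names that load active content, inline event handlers, and javascript: URLs.
SUSPICIOUS = re.compile(r"<\s*(script|iframe|object|embed)\b|\bon[a-z]+\s*=|javascript:", re.I)

def flag_suspicious(values):
    """Return the ids of persisted fields whose value looks like markup or script."""
    return sorted(rid for rid, v in values.items() if SUSPICIOUS.search(v))

if __name__ == "__main__":
    # Constructed sample records: one plain name, one carrying a script tag,
    # one trying to escape an attribute with a stray quote.
    store_field("user-1", "Alice")
    store_field("user-2", '<script>document.title="stored"</script>')
    store_field("user-3", 'Bob" onmouseover="x')
    for rid in STORE:
        print(rid, render_vulnerable(rid), render_hardened(rid), sep=" | ")
    print("records to review:", flag_suspicious(STORE))
```

Run it to see the same stored value rendered both ways side by side; only the hardened renderer survives the quote-breakout case, which plain tag stripping would miss.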
External POC / Exploit Code
EUVD-2025-209180
GHSA-3927-xmmf-mw2x