Skip to main content

IBM CVE-2026-1243

| EUVDEUVD-2026-18112 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-04-02 ibm GHSA-x8pv-gc6r-gh6r
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
EUVD ID Assigned
Apr 02, 2026 - 01:00 euvd
EUVD-2026-18112
Analysis Generated
Apr 02, 2026 - 01:00 vuln.today
Patch released
Apr 02, 2026 - 01:00 nvd
Patch available
CVE Published
Apr 02, 2026 - 00:14 nvd
MEDIUM 5.4

DescriptionCVE.org

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

AnalysisAI

Authenticated stored cross-site scripting (XSS) in IBM Content Navigator versions 3.0.15, 3.1.0, and 3.2.0 allows logged-in users to inject arbitrary JavaScript into the Web UI, potentially enabling credential theft or session hijacking within trusted browser contexts. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), limiting exposure to insider threats and social engineering scenarios where victims click attacker-controlled links. No public exploit code or active exploitation has been confirmed; patch availability from IBM mitigates the risk for patched deployments.

Technical ContextAI

This vulnerability is a stored XSS issue (CWE category: improper neutralization of input during web page generation) in IBM Content Navigator, a web-based enterprise content management client. The flaw exists in the Web UI component, where user-supplied input is not properly sanitized before being rendered in the browser. An authenticated user can craft malicious JavaScript payloads and embed them in Web UI elements (likely through form fields, document properties, or other persistent data stores). When another user interacts with the compromised content (UI:R indicates user interaction is required), the script executes in their browser session with the privileges of the authenticated Content Navigator user. The network attack vector (AV:N) indicates the vulnerability is reachable remotely, though authentication and user interaction form a defense-in-depth constraint.

RemediationAI

IBM has released patches to address this vulnerability; administrators should upgrade Content Navigator to the patched version specified in the vendor advisory at https://www.ibm.com/support/pages/node/7268006. Exact patched version numbers and upgrade procedures are detailed in that support document. In interim environments where patching cannot be immediately deployed, implement compensating controls by restricting Content Navigator access to trusted user populations, enforcing strong authentication (multi-factor authentication if supported), and educating users about the risks of clicking suspicious links or interacting with unfamiliar content within the application. Web Application Firewalls (WAF) configured to detect and block stored XSS payloads may provide limited protection but should not substitute for patching.

Share

CVE-2026-1243 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy