Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session
AnalysisAI
IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a stored or reflected cross-site scripting (XSS) vulnerability in the Web UI that allows authenticated users to inject arbitrary JavaScript code. An attacker with valid credentials can exploit this vulnerability to steal session tokens, capture credentials entered by other users, or perform actions on behalf of compromised administrators within a trusted session, potentially leading to unauthorized access to sensitive data integration and metadata management systems.
Technical ContextAI
This vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), which represents a failure to properly sanitize or encode user-supplied input before rendering it in HTML/JavaScript contexts. The affected product, IBM InfoSphere Information Server (CPE: cpe:2.3:a:ibm:infosphere_information_server), is an enterprise data integration and governance platform that exposes administrative and operational functionality through a Web UI. The vulnerability exists in the Web UI layer where user input is processed and reflected or stored without adequate output encoding, allowing malicious JavaScript payloads to execute in the browser context of other users accessing the same application.
RemediationAI
Upgrade IBM InfoSphere Information Server to version 11.7.1.7 or later immediately using the patch available from IBM at https://www.ibm.com/support/pages/node/7266764. Until patching can be completed, implement compensating controls by restricting access to the InfoSphere Web UI to a whitelist of trusted IP ranges using a reverse proxy or firewall rules, enforce HTTPS with HSTS headers to prevent downgrade attacks, disable browser JavaScript caching, and conduct an access review to remove unnecessary user privileges. Audit all recent Web UI activity logs for indicators of XSS payload injection or suspicious script execution patterns.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-15987
GHSA-34x7-hfp2-rc4v