Skip to main content

IBM CVE-2026-2485

| EUVDEUVD-2026-15989 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
4.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.8 MEDIUM
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
EUVD ID Assigned
Mar 25, 2026 - 20:32 euvd
EUVD-2026-15989
Analysis Generated
Mar 25, 2026 - 20:32 vuln.today
Patch released
Mar 25, 2026 - 20:32 nvd
Patch available
CVE Published
Mar 25, 2026 - 20:22 nvd
MEDIUM 4.8

DescriptionCVE.org

IBM Infosphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

AnalysisAI

IBM Infosphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a stored cross-site scripting (XSS) vulnerability in the Web UI that allows privileged users to inject arbitrary JavaScript code, potentially leading to credential disclosure and session compromise. While a vendor patch is available, the attack requires high privileges and user interaction, resulting in a moderate CVSS score of 4.8. This vulnerability does not appear to have active exploitation in the wild or public proof-of-concept code, but should be prioritized for organizations running vulnerable versions in security-sensitive environments.

Technical ContextAI

The vulnerability is rooted in CWE-79 (Improper Neutralization of Input During Web Page Generation), a classic stored XSS flaw where user-controlled input is not properly sanitized before being persisted in the application database and subsequently rendered in the Web UI without output encoding. IBM Infosphere Information Server (CPE: cpe:2.3:a:ibm:infosphere_information_server) is an enterprise data integration and governance platform that processes and displays user-supplied data in web-based dashboards and configuration interfaces. The affected versions 11.7.0.0 through 11.7.1.6 fail to implement adequate input validation or output encoding mechanisms in specific Web UI components, allowing an authenticated administrator or high-privileged user to embed malicious JavaScript payloads that execute in the context of other users' trusted sessions.

RemediationAI

Upgrade IBM Infosphere Information Server to version 11.7.1.7 or later, following the vendor's official patch guidance at https://www.ibm.com/support/pages/node/7266765. Organizations unable to patch immediately should implement compensating controls: restrict Web UI access to trusted IP ranges via firewall rules, enforce multi-factor authentication for all privileged accounts to reduce the risk of credential-based exploitation, conduct periodic access reviews to minimize unnecessary high-privilege assignments, and enable web application firewall (WAF) rules to detect and block common XSS payloads in request parameters. Monitor application logs for suspicious JavaScript injection attempts in stored data fields.

Share

CVE-2026-2485 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy