Datacap Navigator
Monthly
Forced browsing exposure in IBM Datacap and IBM Datacap Navigator 9.1.7 through 9.1.9 allows a highly privileged local user to access application resources and functionality not surfaced in the UI by constructing direct URL requests, bypassing the intended UI-driven access control model. The impact is limited to partial confidentiality disclosure (C:L) with no integrity or availability consequence, and no exploitation has been confirmed - no public exploit code exists and this CVE is absent from the CISA KEV catalog. IBM has released a patch addressing all affected versions.
Sensitive-data disclosure in IBM Datacap and Datacap Navigator (versions 9.1.7, 9.1.8, 9.1.9) lets an attacker recover user passwords and cryptographic keys that the application holds in cleartext in memory; the recovered keys can then decrypt stored credentials, authenticate to the application, and reach sensitive data in the backing database. IBM has released a patch. There is no public exploit identified at time of analysis, EPSS exploitation probability is negligible (0.08%, 0th percentile), and CISA SSVC rates exploitation as 'none' - indicating low immediate field risk despite the high CVSS confidentiality impact.
Cross-site scripting in IBM Datacap and Datacap Navigator 9.1.7 through 9.1.9 allows unauthenticated remote attackers to inject and execute arbitrary JavaScript within the Web UI, targeting authenticated users during active sessions. Successful exploitation can lead to credential theft or session hijacking by abusing the trust context of a legitimate user's browser. No public exploit code has been identified at time of analysis, and IBM has released a patch via official advisory.
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
CVE-2025-36026 is a security vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Forced browsing exposure in IBM Datacap and IBM Datacap Navigator 9.1.7 through 9.1.9 allows a highly privileged local user to access application resources and functionality not surfaced in the UI by constructing direct URL requests, bypassing the intended UI-driven access control model. The impact is limited to partial confidentiality disclosure (C:L) with no integrity or availability consequence, and no exploitation has been confirmed - no public exploit code exists and this CVE is absent from the CISA KEV catalog. IBM has released a patch addressing all affected versions.
Sensitive-data disclosure in IBM Datacap and Datacap Navigator (versions 9.1.7, 9.1.8, 9.1.9) lets an attacker recover user passwords and cryptographic keys that the application holds in cleartext in memory; the recovered keys can then decrypt stored credentials, authenticate to the application, and reach sensitive data in the backing database. IBM has released a patch. There is no public exploit identified at time of analysis, EPSS exploitation probability is negligible (0.08%, 0th percentile), and CISA SSVC rates exploitation as 'none' - indicating low immediate field risk despite the high CVSS confidentiality impact.
Cross-site scripting in IBM Datacap and Datacap Navigator 9.1.7 through 9.1.9 allows unauthenticated remote attackers to inject and execute arbitrary JavaScript within the Web UI, targeting authenticated users during active sessions. Successful exploitation can lead to credential theft or session hijacking by abusing the trust context of a legitimate user's browser. No public exploit code has been identified at time of analysis, and IBM has released a patch via official advisory.
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
CVE-2025-36026 is a security vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.