IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
2024-12-07T15:15:04.123
2025-07-25T21:09:30.517
Analyzed
CVSSv3.1: 6.4 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Application | ibm | qradar_security_information_and_event_manager | 7.5.0 | Yes |
| Operating System | linux | linux_kernel | - | No |