EUVD-2018-12008

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM MQ Appliance versions 9.0.1 to 9.0.4 vulnerable to cross-site scripting allowing embedded JavaScript.

Reporter	Title	Published	Views	Family All 7
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by a cross-site scripting vulnerability (CVE-2018-1429).	13 Aug 201918:29	–	ibm
CNVD	Cross-site scripting vulnerability in IBM MQ (CNVD-2018-06420)	26 Mar 201800:00	–	cnvd
CVE	CVE-2018-1429	23 Mar 201819:00	–	cve
Cvelist	CVE-2018-1429	23 Mar 201819:00	–	cvelist
NVD	CVE-2018-1429	23 Mar 201819:29	–	nvd
Prion	Cross site scripting	23 Mar 201819:29	–	prion
Tenable Nessus	IBM WebSphere 9.0.0.x < 9.0.0.3 / 9.0.0 < 9.0.5 Multiple Vulnerabilities	6 Apr 201800:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "208a9c60-a58b-3b10-95a7-c8e8926d6bd2",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "06eb2fc6-b29a-3d39-bcc4-2438469c363a",
        "product": {
          "name": "MQ Appliance"
        },
        "product_version": "9.0.3"
      },
      {
        "id": "64b75170-465f-39bd-ac77-b353032a05f0",
        "product": {
          "name": "MQ Appliance"
        },
        "product_version": "9.0.2"
      },
      {
        "id": "7ce7f79b-405b-3958-915a-b1b47f317436",
        "product": {
          "name": "MQ Appliance"
        },
        "product_version": "9.0.1"
      },
      {
        "id": "f1bb8776-ea3b-3902-9943-aade8c94c0c4",
        "product": {
          "name": "MQ Appliance"
        },
        "product_version": "9.0.4"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1040564
ibm	www.ibm.com/support/docview.wss
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/139077
securityfocus	www.securityfocus.com/bid/103491
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.6Medium risk

Vulners AI Score5.6

CVSS 35.4

CVSS 23.5

EPSS0.00403