EUVD-2018-12052

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM BigFix 9.2 and 9.5 is vulnerable to cross-site scripting allowing JavaScript embedding and credential exposure.

Reporter	Title	Published	Views	Family All 5
CNVD	IBM BigFix Platform Cross-Site Scripting Vulnerability (CNVD-2018-08995)	28 Apr 201800:00	–	cnvd
CVE	CVE-2018-1473	27 Apr 201815:00	–	cve
Cvelist	CVE-2018-1473	27 Apr 201815:00	–	cvelist
NVD	CVE-2018-1473	27 Apr 201815:29	–	nvd
Prion	Cross site scripting	27 Apr 201815:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "6dda0366-d5e0-3a5d-a3a2-61fb2db44c28",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1c7804b7-a348-3322-90e8-f2f8e74e08fc",
        "product": {
          "name": "BigFix Platform"
        },
        "product_version": "9.2"
      },
      {
        "id": "fe6dd1f4-f791-3a8e-b99c-8b31872c403d",
        "product": {
          "name": "BigFix Platform"
        },
        "product_version": "9.5"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/140691
ibm	www.ibm.com/support/docview.wss
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 36.1

CVSS 24.3

EPSS0.00182