EUVD-2023-26970

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

IBM Cloud Pak for Business Automation is vulnerable to stored cross-site scripting leading to credential risk.

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for Febuary 2023	10 Mar 202318:29	–	ibm
IBM Security Bulletins	Security Bulletin: Persistent cross-site scripting vulnerability affect IBM Business Automation Workflow - CVE-2023-22860	2 Mar 202306:40	–	ibm
Circl	CVE-2023-22860	27 Feb 202318:27	–	circl
CNNVD	IBM Cloud Pak for Business Automation 跨站脚本漏洞	27 Feb 202300:00	–	cnnvd
CVE	CVE-2023-22860	27 Feb 202314:23	–	cve
Cvelist	CVE-2023-22860 IBM Cloud Pak for Business Automation cross-site scripting	27 Feb 202314:23	–	cvelist
NVD	CVE-2023-22860	27 Feb 202315:15	–	nvd
Prion	Cross site scripting	27 Feb 202315:15	–	prion
Positive Technologies	PT-2023-18735 · Ibm · Ibm Cloud Pak For Business Automation	27 Feb 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-22860	23 May 202504:45	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "51f4f2a0-fa31-3d42-a11a-f710c90cc816",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "123c0ebf-942a-3e9d-b903-c045ce7349e9",
        "product": {
          "name": "Cloud Pak for Business Automation"
        },
        "product_version": "18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6958062
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/244100

03 Oct 2025 20:07Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.15.4

EPSS0.00309

SSVC