13 matches found
CVE-2025-36018
IBM Concert 1.0.0 through 2.1.0 for Z hub component is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36019
IBM Concert 1.0.0 through 2.1.0 for Z hub framework is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2025-36019
IBM Concert 1.0.0 through 2.1.0 for Z hub framework is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2025-36019
IBM Concert 1.0.0 through 2.1.0 for Z hub framework is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2025-36018
IBM Concert 1.0.0 through 2.1.0 for Z hub component is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36018
CVE-2025-36018 affects IBM Concert, Z hub component versions 1.0.0 through 2.1.0. The Red Hat/NVD entries confirm a cross-site request forgery (CSRF) vulnerability that could enable an attacker to perform malicious/untrusted actions via a trusted user. No exploitation details are provided in the ...
CVE-2025-36018 Multiple Vulnerabilities in IBM Concert Software.
IBM Concert 1.0.0 through 2.1.0 for Z hub component is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36018 Multiple Vulnerabilities in IBM Concert Software.
IBM Concert 1.0.0 through 2.1.0 for Z hub component is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36018
IBM Concert 1.0.0 through 2.1.0 for Z hub component is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36019
IBM Concert Z hub framework (versions 1.0.0 through 2.1.0) is affected by a cross-site scripting vulnerability enabling an unauthenticated attacker to inject arbitrary JavaScript into the Web UI, potentially leading to credentials disclosure within a trusted session. Remediation recommended in PT...
CVE-2025-36019 Multiple Vulnerabilities in IBM Concert Software.
IBM Concert 1.0.0 through 2.1.0 for Z hub framework is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2025-36019 Multiple Vulnerabilities in IBM Concert Software.
IBM Concert 1.0.0 through 2.1.0 for Z hub framework is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
PT-2026-20244
Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description The software is susceptible to cross-site request forgery, potentially enabling an attacker to perform unauthorized actions on behalf of a trusted user. The affected component is the Z hub...