CVE-2025-14289
IBM webMethods Integration Server 12.0 is vulnerable to HTML injection in the Security > Claims UI (CVE-2025-14289). A remote attacker could inject malicious HTML that executes in the victim’s browser within the hosting site’s security context. Root cause: improper neutralization of script-rel...