Description
IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
INFO
Published Date :
2025-01-12T01:10:43.851Z
Last Modified :
2025-01-13T15:16:25.499Z
Source :
ibm
AFFECTED PRODUCTS
The following products are affected by CVE-2024-49785 vulnerability.
| Vendors | Products |
|---|---|
| Ibm |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2024-49785.
| URL | Resource |
|---|---|
| https://www.ibm.com/support/pages/node/7180723 |
|
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact