Ibm Applinx
15 CVEs affecting Ibm Applinx. Latest disclosed: 2026-01-20. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-36418 | High | 7.3 | 2026-01-20 | IBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerability due to improper verification of JWT tokens. An attacker may be able to craft or modi… |
CVE-2025-36408 | Medium | 6.4 | 2026-01-20 | IBM ApplinX 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI… |
CVE-2024-49791 | Medium | 6.4 | 2025-02-05 | IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2024-49797 | Medium | 5.9 | 2025-02-05 | IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An att… |
CVE-2025-36409 | Medium | 5.4 | 2026-01-20 | IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2024-49796 | Medium | 5.4 | 2025-02-05 | IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote atta… |
CVE-2024-49793 | Medium | 5.4 | 2025-02-05 | IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2024-49792 | Medium | 5.4 | 2025-02-05 | IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2025-36419 | Medium | 5.3 | 2026-01-20 | IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system. |
CVE-2024-49800 | Medium | 4.3 | 2025-02-05 | IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an authenticated user. |
CVE-2024-49798 | Medium | 4.3 | 2025-02-05 | IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This informa… |
CVE-2024-49795 | Medium | 4.3 | 2025-02-05 | IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a use… |
CVE-2024-49794 | Medium | 4.3 | 2025-02-05 | IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a use… |
CVE-2025-36411 | Low | 3.5 | 2026-01-20 | IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a use… |
CVE-2025-36410 | Low | 3.1 | 2026-01-20 | IBM ApplinX 11.1 could allow an authenticated user to perform unauthorized administrative actions on the server due to server-side enforcement of client-side s… |