Ibm Openpages
8 CVEs affecting Ibm Openpages. Latest disclosed: 2025-11-12. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-36223 | Medium | 5.4 | 2025-11-12 | IBM OpenPages 9.0 and 9.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to c… |
CVE-2025-33110 | Medium | 5.4 | 2025-11-06 | IBM OpenPages 9.1, and 9.0 with Watson is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be execute… |
CVE-2025-36121 | Medium | 5.4 | 2025-10-27 | IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be exec… |
CVE-2024-43176 | Medium | 5.4 | 2025-01-09 | IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users. |
CVE-2025-27368 | Medium | 4.3 | 2025-11-12 | IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points u… |
CVE-2025-2670 | Medium | 4.3 | 2025-07-09 | IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related t… |
CVE-2024-27257 | Medium | 4.3 | 2024-09-10 | IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users. |
CVE-2025-36082 | Medium | 4.0 | 2025-09-15 | IBM OpenPages 9.0 and 9.1 allows web page cache to be stored locally which can be read by another user on the system. |