CVE-2025-0719 – IBM Cloud Pak for Data cross-site scripting

https://notcve.org/view.php?id=CVE-2025-0719

26 Feb 2025 — IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7184173 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •