CVE-2024-52890

CWE-843 documents3 sources
Severity
6.1MEDIUM
EPSS
0.0%
top 94.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM IBM Engineering Lifecycle Optimization - PublishingIBM Engineering Lifecycle Optimization
Timeline
PublishedAug 5

Description

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to no validation of URIs.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
IBM Engineering Lifecycle Optimization - Publishing cross-site scripting2025-08-05
GHSA
GHSA-2ppf-gqj9-p969: IBM Engineering Lifecycle Optimization - Publishing 72025-08-05
CVE-2024-52890 (MEDIUM CVSS 6.1) | IBM Engineering Lifecycle Optimizat | cvebase.io