CVE-2025-33138
published 2025-05-22CVE-2025-33138: IBM Aspera Faspex 5.0.0 through 5.0.12 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
IBM Aspera Faspex 5.0.0 through 5.0.12 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | aspera_faspex | >= 5.0.0 < 5.0.12.1 | 5.0.12.1 |
| ibm | aspera_faspex | 5.0.0 – 5.0.12 | — |