A significant vulnerability was detected in IBM QRadar Suite Software and Cloud Pak for Security, allowing attackers to execute arbitrary JavaScript code.
An attacker can insert harmful executable scripts into the code of a reliable program or website via stored cross-site scripting, which affects IBM QRadar Suite Software and Cloud Pak for Security.
The IBM QRadar Suite Software aids in threat detection and response and is built to help your security teams outsmart threats with speed, accuracy, and efficiency.
The Cloud Pak for Security can connect disparate data sources — to uncover hidden threats and make better risk-based decisions — while leaving the data where it resides.
With a CVSS base score of 5.4, this medium-severity vulnerability has been identified as CVE-2023-47731.
Stored cross-site scripting vulnerability affects IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.19.0.
Because of this vulnerability, users can insert any JavaScript code into the Web UI, changing the intended functionality and perhaps exposing credentials inside of a trusted session.
“This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session”, reads the IBM X-Force Vulnerability Report.
When untrusted data enters a web application—usually through a web request—the web program dynamically creates a web page with the untrusted data on it, which can lead to cross-site scripting (XSS) vulnerabilities.
The application does not stop the data from containing content—such as JavaScript, HTML tags, HTML attributes, mouse events, Flash, ActiveX, etc.—that can be executed by a web browser while the page is being generated.
Free Webinar | Mastering WAAP/WAF ROI Analysis | Book Your Spot
The victim views the created webpage using a web browser. The webpage has a malicious script inserted using untrustworthy data.
Hence, the malicious script is executed by the victim’s web browser within the web server’s domain since it originates from a webpage sent by the web server.
Therefore, to resolve this vulnerability, you are advised to apply the patch, upgrade, or recommended workaround information as soon as feasible.
Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP.
The NPM package repository remains active, and despite a decline in malware numbers between 2023…
In a startling revelation, a new report indicates that three out of four enterprise users…
Two critical vulnerabilities have been identified in widely used software: CrushFTP and Next.js. CrushFTP, a…
In mid-March 2025, cybersecurity researchers uncovered "Operation ForumTroll," targeting Russian media outlets and educational institutions.…
CYFOX has uncovered significant vulnerabilities in smart TVs that could potentially disrupt entire enterprise networks.…
A sophisticated cyberattack campaign attributed to the North Korean Advanced Persistent Threat (APT) group Kimsuky…