Vulnerability Details CVE-2025-1826
IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004) is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.6%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-1826
-
cpe:2.3:a:ibm:jazz_foundation:7.0.2
-
cpe:2.3:a:ibm:jazz_foundation:7.0.3
-
cpe:2.3:a:ibm:jazz_foundation:7.1.0