CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-23227: IBM Tivoli Application Dependency Discovery Manager cross-site scripting
6.4
CVSS
Description
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Classification
CVE ID: CVE-2025-23227
CVSS Base Severity: MEDIUM
CVSS Base Score: 6.4
Affected Products
Vendor: IBM
Product: Tivoli Application Dependency Discovery Manager
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 16.49% (scored less or equal to compared to others)
EPSS Date: 2025-02-21 (when was this score calculated)