

Multiple Cisco Products Vulnerabilities
April 3, 2025
Multiple Google Chrome Vulnerabilities
April 3, 2025
Multiple Cisco Products Vulnerabilities
April 3, 2025
Multiple Google Chrome Vulnerabilities
April 3, 2025Severity
Medium
Analysis Summary
CVE-2024-56476 CVSS:5.3
IBM TXSeries for Multiplatforms 9.1 and 11.1 could allow an attacker to enumerate usernames due to an observable login attempt response discrepancy.
CVE-2024-56475 CVSS:5.4
IBM TXSeries for Multiplatforms 9is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2024-56474 CVSS:4.3
IBM TXSeries for Multiplatforms is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2025-0154 CVSS:5.3
IBM TXSeries for Multiplatforms could allow a remote attacker to obtain sensitive information, caused by improper neutralization of HTTP headers.
CVE-2024-56341 CVSS:5.4
IBM Content Navigator is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
Impact
- Information Disclosure
- Cross-Site Scripting
Indicators of Compromise
CVE
CVE-2024-56476
CVE-2024-56475
CVE-2024-56474
CVE-2025-0154
CVE-2024-56341
Affected Vendors
- IBM
Affected Products
- IBM TXSeries for Multiplatforms - 9.1
- IBM TXSeries for Multiplatforms - 11.1
- IBM Content Navigator - 3.0.11
- IBM Content Navigator - 3.0.15
- IBM Content Navigator - 3.1.0
Remediation
Refer to the appropriate IBM Security Advisory for patch, upgrade, or suggested workaround information.