CVE-2024-45094 – IBM DS8900F and DS8A00 HMC Stored Cross-Site Scripting Vulnerability

May 27, 2025

CVE ID : CVE-2024-45094

Published : May 27, 2025, 11:15 p.m. | 1 hour, 44 minutes ago

Description : IBM DS8900F and DS8A00 Hardware Management Console (HMC) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2796 – Arista EOS IPsec Anti-Replay Protection Vulnerability

Next Article CVE-2024-11185 – Arista EOS VLAN Isolation Bypass

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2024-45094 – IBM DS8900F and DS8A00 HMC Stored Cross-Site Scripting Vulnerability

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Understanding Clean Rooms: A Comparative Analysis Between Databricks and Snowflake

Mirai Botnet Actively Exploiting GeoVision IoT Devices Command Injection Vulnerabilities

Pinout with Dan Johnson

CVE-2025-50583 – StudentManage Cross-Site Scripting (XSS) Vulnerability

UX Job Interview Helpers

CVE-2025-41235 – Spring Cloud Gateway Server Untrusted Proxy Header Manipulation Vulnerability

Google just gave the Gemini Live app its biggest update yet – Android and iOS versions included

Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update

CVE-2024-45094 – IBM DS8900F and DS8A00 HMC Stored Cross-Site Scripting Vulnerability

Related Posts