CVE-2023-38007 – IBM Cloud Pak System HTML Injection Vulnerability

June 27, 2025

CVE ID : CVE-2023-38007

Published : June 27, 2025, 3:15 p.m. | 3 hours, 57 minutes ago

Description : IBM Cloud Pak System 2.3.5.0, 2.3.3.7, 2.3.3.7 iFix1 on Power and 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.4.0, 2.3.4.1 on Intel operating systems is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53091 – WeGIA Time-Based Blind SQL Injection

Next Article CVE-2025-53277 – Infigo Software IS-theme-companion CSRF Object Injection

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

Forget YouTube’s ad blocker war — this Google AI Overviews clone might finally sell me on the $14/month Premium subscription

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

CVE-2023-38007 – IBM Cloud Pak System HTML Injection Vulnerability

CVE-2023-28902 – Skoda MIB3 Infotainment Unit Integer Underflow Denial-of-Service Vulnerability

CVE-2023-28906 – Skoda MIB3 Infotainment Command Injection Vulnerability

CVE-2024-13931 – ASPECT Relative Path Traversal File Access Vulnerability

CVE-2025-5222 – ICU Buffer Overflow Vulnerability

CVE-2025-25022 – IBM QRadar Suite Software Information Disclosure

Redpanda Announces the General Availability of Apache Iceberg Topics for the Enterprise

CVE-2025-48492 – GetSimple CMS Remote Code Execution (RCE) Vulnerability

Why I’m switching to VS Code. Hint: It’s all about AI tool integration

CVE-2025-3444 – Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus LFI Vulnerability

TC39: No to records and tuples, yes to enums

CVE-2023-38007 – IBM Cloud Pak System HTML Injection Vulnerability

Related Posts