
CVE-2025-1826: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in IBM Jazz Foundation

Severity: Medium
Type: Vulnerability
Tags: CVE-2025-1826, cve, cve-2025-1826, cwe-79
Published: Tue Oct 07 2025 (10/07/2025, 17:50:00 UTC)
Source: CVE Database V5
Vendor/Project: IBM
Product: Jazz Foundation

Description

IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004) is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

AI-Powered Analysis

Last updated: 10/07/2025, 18:16:12 UTC

Technical Analysis

CVE-2025-1826 is a stored cross-site scripting (XSS) vulnerability classified under CWE-79 affecting IBM Engineering Requirements Management DOORS Next, specifically IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004. The vulnerability arises from improper neutralization of input during web page generation, which allows authenticated users on the host network to embed arbitrary JavaScript code into the web user interface. The injected script executes within the context of the victim's browser session, potentially altering the intended functionality of the application. The primary risk is the disclosure of sensitive information such as user credentials within a trusted session, which could lead to further compromise of the system or lateral movement within the network. Exploitation requires the attacker to have valid credentials and network access to the host running the Jazz Foundation application, and the victim must interact with the maliciously crafted content. The CVSS v3.1 base score is 5.4, reflecting medium severity with a network attack vector, low attack complexity, privileges required, and user interaction required. No public exploits are currently known, and IBM has not yet released patches, but the vulnerability is publicly disclosed and should be addressed promptly. This vulnerability is particularly concerning in environments where IBM Jazz Foundation is used for critical engineering and requirements management workflows, as compromise could impact project integrity and confidentiality.

Potential Impact

For European organizations, the impact of CVE-2025-1826 can be significant in sectors relying heavily on IBM Jazz Foundation for managing engineering requirements and project workflows, such as automotive, aerospace, manufacturing, and critical infrastructure. Successful exploitation could lead to unauthorized disclosure of credentials, enabling attackers to escalate privileges or move laterally within the network. This could compromise sensitive project data, intellectual property, and disrupt development processes. The vulnerability's requirement for authenticated access limits exposure to internal or trusted network users, but insider threats or compromised accounts increase risk. Additionally, altered application functionality could lead to data integrity issues or denial of service in workflows. Given the interconnected nature of European supply chains and regulatory requirements for data protection (e.g., GDPR), such breaches could also result in compliance violations and reputational damage.

Mitigation Recommendations

1. Monitor IBM’s official channels for patches or security advisories addressing CVE-2025-1826 and apply updates promptly once available.
2. Restrict user privileges to the minimum necessary, limiting who can input data into the vulnerable web UI components.
3. Implement network segmentation to restrict access to the Jazz Foundation application to trusted users and systems only.
4. Employ web application firewalls (WAF) with custom rules to detect and block suspicious script injection attempts targeting the application.
5. Conduct regular security training to raise awareness about the risks of XSS and encourage cautious interaction with web UI elements.
6. Use Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts within the application’s web interface.
7. Perform regular audits and monitoring of application logs to detect anomalous behavior or unauthorized script injections.
8. Consider deploying endpoint detection and response (EDR) solutions to identify lateral movement or credential misuse stemming from exploitation.
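
The neutralization failure described under Technical Analysis and the CSP recommendation in item 6, shown as an added generic illustration of CWE-79 (this is not IBM Jazz Foundation code and does not come from the advisory). The record fields, function names and policy directives are assumptions chosen for the example.

```javascript
// Added illustration of CWE-79 handling; not IBM Jazz Foundation code.
const crypto = require("node:crypto");

// Characters that can change the HTML parsing context, mapped to entities.
const HTML_ENTITIES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Output-encode untrusted text for element content and quoted attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// 'Before': stored text is concatenated into markup unchanged (stored XSS).
function renderUnsafe(record) {
  return `<li title="${record.title}">${record.body}</li>`;
}

// 'After': every stored field is encoded at the point of page generation.
function renderSafe(record) {
  return `<li title="${escapeHtml(record.title)}">${escapeHtml(record.body)}</li>`;
}

// CSP that allows only scripts carrying this response's nonce.
// No 'unsafe-inline', so injected inline scripts and handlers do not run.
function buildCsp(nonce) {
  return [
    "default-src 'self'",
    `script-src 'self' 'nonce-${nonce}'`,
    "object-src 'none'",
    "base-uri 'none'",
  ].join("; ");
}

// A fresh, unpredictable nonce must be generated for every response.
function newNonce() {
  return crypto.randomBytes(16).toString("base64");
}

// Constructed sample record (hypothetical field names), as a user might save it.
const stored = {
  title: 'Req 12" onmouseover="alert(1)',
  body: "<script>alert(1)</script>",
};

console.log(renderUnsafe(stored)); // markup is interpreted by the browser
console.log(renderSafe(stored));   // markup is displayed as text
console.log(buildCsp(newNonce()));
```

Output encoding is the fix for the flaw itself; the CSP is a second layer that can be applied in front of an application that cannot yet be changed. A policy like this is best trialled with the `Content-Security-Policy-Report-Only` header first, since an existing UI may depend on inline scripts.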


Technical Details

Data Version: 5.1
Assigner Short Name: ibm
Date Reserved: 2025-03-01T14:39:35.654Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68e55537a677756fc99a7725

Added to database: 10/7/2025, 6:00:23 PM

Last enriched: 10/7/2025, 6:16:12 PM

Last updated: 10/9/2025, 4:20:56 PM
