IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
References
| Link | Resource |
|---|---|
| https://www.ibm.com/support/pages/node/7277801 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
06 Jul 2026, 13:25
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Ibm software Hub
Ibm Ibm watsonx.data Intelligence |
|
| CPE | cpe:2.3:a:ibm:watsonx.data_intelligence:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:software_hub:*:*:*:*:*:*:*:* |
|
| References | () https://www.ibm.com/support/pages/node/7277801 - Vendor Advisory |
30 Jun 2026, 21:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-30 21:16
Updated : 2026-07-06 13:25
NVD link : CVE-2025-36321
Mitre link : CVE-2025-36321
CVE.ORG link : CVE-2025-36321
JSON object : View
Products Affected
ibm
- watsonx.data_intelligence
- software_hub
CWE
CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
