CVE-2025-36121
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-27

Last updated on: 2025-11-03

Assigner: IBM Corporation

Description
IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-27
Last Modified
2025-11-03
Generated
2026-06-16
AI Q&A
2025-10-27
EPSS Evaluated
2026-06-15
NVD
CVE-2025-36121
EUVD
EUVD-2025-36194
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ibm openpages 9.0.0
ibm openpages 9.1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-80 The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an HTML injection issue in IBM OpenPages versions 9.0 and 9.1. It occurs because the application reflects user-supplied input directly into the HTML response without proper encoding or validation. A remotely authenticated attacker can inject malicious HTML code that executes in the victim's web browser within the security context of the hosting site, potentially leading to cross-site scripting (XSS) attacks. [1]

Impact Analysis

The vulnerability can allow an attacker with low privileges to inject malicious HTML code that executes in the context of the victim's browser. This can lead to unauthorized actions such as stealing sensitive information, session hijacking, or performing actions on behalf of the victim. The impact on confidentiality and integrity is low, and there is no impact on availability. [1]

Detection Guidance

Detection involves identifying if your IBM OpenPages application (versions 9.0 or 9.1) is vulnerable by checking if the specific URL endpoint reflects user-supplied input without proper encoding or validation. You can perform manual testing by sending crafted HTTP requests with HTML or script tags to the suspected endpoint and observing if the response reflects the input unencoded. For example, using curl: curl -i -X GET 'https://your-openpages-server/path?param=<script>alert(1)</script>' and inspecting the response for unencoded script tags. Automated web vulnerability scanners that test for reflected HTML or XSS injection can also be used against the application endpoints. However, no specific detection commands are provided in the resources. [1]

Mitigation Strategies

The immediate mitigation step is to update IBM OpenPages to the fixed versions: 9.1.2 or 9.0 with FixPack 5 and Interim Fix 5 applied. IBM recommends upgrading from versions 8.0 through 8.3 to these fixed and supported versions. There are no workarounds or other mitigations provided. Applying the official patches that sanitize input parameters according to security best practices is necessary to remediate the vulnerability. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-36121. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart