IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
                
            References
                    | Link | Resource | 
|---|---|
| https://www.ibm.com/support/pages/node/7171873 | Vendor Advisory | 
Configurations
                    Configuration 1 (hide)
| AND | 
 
 | 
History
                    14 Aug 2025, 17:15
| Type | Values Removed | Values Added | 
|---|---|---|
| Summary | 
 | |
| First Time | Linux Linux linux Kernel Ibm Ibm cics Tx | |
| CPE | cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:advanced:*:*:* cpe:2.3:a:ibm:cics_tx:10.1:*:*:*:advanced:*:*:* cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:standard:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* | |
| References | () https://www.ibm.com/support/pages/node/7171873 - Vendor Advisory | 
16 Jan 2025, 18:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2025-01-16 18:15
Updated : 2025-08-14 17:15
NVD link : CVE-2024-41746
Mitre link : CVE-2024-41746
CVE.ORG link : CVE-2024-41746
JSON object : View
Products Affected
                ibm
- cics_tx
linux
- linux_kernel
CWE
                
                    
                        
                        CWE-79
                        
            Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
