CVE-2025-2895
IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, 2.3.4.1, and 2.3.4.1 iFix1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.
| Software | From | Fixed in |
|---|---|---|
| ibm / cloud_pak_system | 2.3.3.6 | 2.3.3.6.x |
| ibm / cloud_pak_system | 2.3.3.6-ifix1 | 2.3.3.6-ifix1.x |
| ibm / cloud_pak_system | 2.3.3.7 | 2.3.3.7.x |
| ibm / cloud_pak_system | 2.3.3.7-ifix1 | 2.3.3.7-ifix1.x |
| ibm / cloud_pak_system | 2.3.4.0 | 2.3.4.0.x |
| ibm / cloud_pak_system | 2.3.4.1 | 2.3.4.1.x |
| ibm / cloud_pak_system | 2.3.4.1-ifix1 | 2.3.4.1-ifix1.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime