How severe is CVE-2025-27909?

CVE-2025-27909 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2025-27909

Name: concert
Author: ibm

5.4MEDIUM

IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted

Veröffentlicht: 8/18/2025Aktualisiert: 8/21/2025

Beschreibung

IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted domains.

KI-AnalyseKI-gestützt

Betroffene Produkte

ibmconcert

Referenzen

https://www.ibm.com/support/pages/node/7242354
Vendor Advisory