How severe is CVE-2025-27909?

CVE-2025-27909 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2025-27909

Name: concert
Author: ibm

5.4MEDIUM

IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted

Опубликовано: 8/18/2025Обновлено: 8/21/2025

Описание

IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted domains.

ИИ-АнализНа базе ИИ

Затронутые продукты

ibmconcert

Ссылки

https://www.ibm.com/support/pages/node/7242354
Vendor Advisory