Sign In

CVE-2024-56341

📊 5.4 MEDIUM0.0%🎯 0 exploits
📅 Published Apr 2, 2025
📋 Status: Analyzed

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

🎯 Affected Products & Systems

6 product configurations affected

Filter by type:
📱
ibm / content navigator
Application
Vulnerable
Version: 3.0.11
CPE:
cpe:2.3:a:ibm:content_navigator:3.0.11:*:*:*:*:*:*:*
📱
ibm / content navigator
Application
Vulnerable
Version: 3.0.15
CPE:
cpe:2.3:a:ibm:content_navigator:3.0.15:*:*:*:*:*:*:*
📱
ibm / content navigator
Application
Vulnerable
Version: 3.1.0
CPE:
cpe:2.3:a:ibm:content_navigator:3.1.0:*:*:*:*:*:*:*
💻
ibm / aix
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
💻
linux / linux kernel
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
💻
microsoft / windows
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
6 productsscroll for more
Metrics
5.4 MEDIUMCVSS v3.1[email protected]
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
LOW
User Interaction:
REQUIRED
Confidentiality:
LOW
Integrity:
LOW
Availability:
NONE
Scope:
CHANGED

🔍 Technical Details

Analysis Status
Analyzed
CVSS Details
5.4 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.0% (Minimal)4.1th percentile
Last updated: Oct 31, 2025
Exploitation probability within 30 days
Published Date
Apr 2, 2025 (7 months ago)
Last Modified
Aug 13, 2025 (2 months ago)
Security Weaknesses1
References2