CVE-2025-27909 – IBM Concert Software CORS Privilege Escalation

CVE ID : CVE-2025-27909

Published : Aug. 18, 2025, 2:15 p.m. | 1 hour, 56 minutes ago

Description : IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted domains.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…