CVE-2026-1276

MEDIUM WAF: High

CVSS 5.4 Published: 2026-03-19

CWE-79

IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

WAF Coverage Analysis

Cross-Site Scripting (XSS) High WAF Coverage

OWASP: A03:2021 Injection

941xxx - XSS / XXE

References

www.ibm.com

Back to CVE Database