The IBM TS4500 web GUI versions 1.10.00-F00 and 1.11.0.0-D00 through 1.11.0.2-C00 are susceptible to a cross-site scripting vulnerability. This issue allows an authenticated user to inject arbitrary JavaScript code into the web interface. The consequence is a potential alteration of the intended functionality, which could result in unauthorized access to user credentials during a trusted session. Users are encouraged to apply available patches to mitigate this risk.
https://securityvulnerability.io/vulner ... 2025-36088