Summary Multiple vulnerabilities affecting IBM Fusion could have resulted in reduced security. These issues have since been resolved. CVE-2024-6783, CVE-2024-9880, CVE-2024-51744, CVE-2024-47764, CVE-2024-9506, CVE-2024-45338, CVE-2025-25193, CVE-2024-21538, CVE-2025-27152, CVE-2024-47535, CVE-2024-43800, CVE-2024-43799, CVE-2023-5115, CVE-2023-5764, CVE-2024-9902, CVE-2024-8775, CVE-2024-11079, CVE-2024-45296, CVE-2024-33664, CVE-2024-33663, CVE-2024-45339, CVE-2024-45590, CVE-2025-30204, CVE-2024-57965, CVE-2024-52798, CVE-2024-12797, CVE-2024-11831, CVE-2024-39689, CVE-2024-55885, CVE-2024-4067, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2025-22868, CVE-2024-29041, CVE-2024-43796, CVE-2024-6119, CVE-2025-24970, CVE-2024-55565, CVE-2024-21536, CVE-2024-6827. Vulnerability Details CVEID:CVE-2024-6783 DESCRIPTION: A vulnerability has been discovered in Vue, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of some properties such as Object.prototype.staticClass or Object.prototype.staticStyle to execute arbitrary JavaScript code. CWE:CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CVSS Source: IBM X-Force CVSS Base score: 4.8 CVSS Vector:(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N) CVEID:CVE-2024-9880 DESCRIPTION: Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. CWE:CWE-94: Improper Control of Generation of Code…Read More