CVE-2023-26274: 
IBM QRadar SIEM vulnerability analysis and mitigation

CVE-2023-26274 is a cross-site scripting (XSS) vulnerability affecting IBM QRadar SIEM version 7.5.0. The vulnerability was discovered by IBM's Security Ethical Hacking team and was disclosed on February 21, 2023. The affected versions include IBM QRadar SIEM 7.5.0 through 7.5.0 UP5 (IBM Advisory).

The vulnerability allows users to embed arbitrary JavaScript code in the Web UI, which can alter the intended functionality of the application. It has been assigned a CVSS v3.1 base score of 5.4 (Medium) by NIST and 4.6 (Medium) by IBM, with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N. The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation) (NVD).

The exploitation of this vulnerability can potentially lead to credentials disclosure within a trusted session. The attack requires user interaction and can compromise the confidentiality and integrity of the system, though it does not affect system availability (GBHackers).

IBM has released a fix for this vulnerability in QRadar SIEM version 7.5.0 UP6. There are no alternative workarounds or mitigations available, and IBM recommends that all users promptly update their systems to the latest version (IBM Advisory).