CVE-2025-33118: 
IBM QRadar SIEM vulnerability analysis and mitigation

CVE-2025-33118 is a stored cross-site scripting vulnerability affecting IBM QRadar SIEM versions 7.5 through 7.5.0 Update Pack 12. The vulnerability was discovered and disclosed on August 1, 2025, and was assigned a CVSS v3.1 base score of 6.4 (Medium) by IBM Corporation (IBM Advisory, NVD).

The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation). It has been assigned a CVSS v3.1 vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N, indicating network accessibility, low attack complexity, required low privileges, no user interaction, changed scope, and low impact on confidentiality and integrity with no impact on availability (NVD).

This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session. The attack can alter the intended functionality of the application and compromise user sessions (IBM Advisory).

IBM has released QRadar 7.5.0 UP13 and QIF 7.5.0 UP13 as fixes for this vulnerability. IBM strongly encourages customers to update their systems promptly to these versions (IBM Advisory).