CVE-2024-22348 | IBM UrbanCode Velocity/DevOps Velocity Trusted Domain cross-domain policy

Inserito da Angelo Barbosa | Gen 20, 2025 | CVE

A vulnerability was found in IBM UrbanCode Velocity and DevOps Velocity. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Trusted Domain Handler. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability is known as CVE-2024-22348. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-22348 | IBM UrbanCode Velocity/DevOps Velocity Trusted Domain cross-domain policy

Post correlati

CVE-2024-5192 | amans2k Funnel Builder Plugin up to 3.3.1 on WordPress mimes cross site scripting

CVE-2025-0145 | Zoom Workplace App up to 6.2.4 on Windows untrusted search path

CVE-2023-49347 | budgie-wpreviews 2.1 temp file

CVE-2024-56211 | DeluxeThemes Userpro Plugin up to 5.1.9 on WordPress authorization