IBM Cloud Pak for Applications is an application from IBM USA, Inc. A cross-site scripting vulnerability exists in IBM Cloud Pak for Applications, which stems from the productβs lack of validation of user-side data, and could be exploited by an attacker to execute client-side code and potentially expose credentials in a trusted session.