exploitDog

GHSA-4f4p-9vfr-w7m4

Опубликовано: 17 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

Описание

Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.

Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.

Ссылки

EPSS

Процентиль: 26%

0.00091

Низкий

5.1 Medium

CVSS4

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-8153

nvd

5 месяцев назад

Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.

EPSS

Процентиль: 26%

0.00091

Низкий

5.1 Medium

CVSS4

CVE ID

Дефекты

CWE-79