← back
CVE-2022-25784

User controllable HTML element attribute (potential XSS)

CVSS 9.1 CRITICALEPSS 0.6%CWE-79
Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. This issue affects: Secomea SiteManager all versions prior to 9.7.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected products
Secomea · SiteManager

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.secomea.com/support/cybersecurity-advisory/