← volver
CVE-2025-58114

Potential XSS in Extension:CognitiveProcessDesigner

CVSS 5.9 MEDIUMEPSS 0.2%CWE-20
Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice (Extension:CognitiveProcessDesigner) allows Cross-Site Scripting (XSS).This issue affects BlueSpice: from 5 through 5.1.1.
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
Hallo Welt! GmbH · BlueSpice

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://en.wiki.bluespice.com/wiki/Security:Security_Advisories/BSSA-2025-05