CVE-2025-2610 - CERT CVE

  1. CVE-2025-2610

ID CVE-2025-2610
Sažetak Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling (Alarm Module modules) allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.
Reference
CVSS
Base: 7.6
Impact: 4.7
Exploitability:2.3
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
Zadnje važnije ažuriranje 01-04-2025 - 20:28
Objavljeno 21-03-2025 - 23:15