CVE-2025-28380

Sažetak

A cross-site scripting (XSS) vulnerability in OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter.

Reference

https://openc3.com/
https://visionspace.com/openc3-cosmos-a-security-assessment-of-an-open-source-mission-framework/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

13-06-2025 - 14:15

Objavljeno

13-06-2025 - 14:15