CVE-2025-61949

Sažetak

LogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If crafted user information is stored, an arbitrary script may be executed on the web browser of the user who logs in to the product's management page.

Reference

https://jvn.jp/en/jp/JVN77560819/
https://www.logstare.com/vulnerability/2025-001/

CVSS

Base:	5.4
Impact:	2.7
Exploitability:	2.3

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	LOW	NONE

CVSS vektor

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Zadnje važnije ažuriranje

05-12-2025 - 15:34

Objavljeno

21-11-2025 - 07:15