PT-2025-44773 · Unknown · Water Management System
Publicado
2025-11-03
·
Atualizado
2025-11-10
·
CVE-2025-63446
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Water Management System version 1.0
Description
Water Management System version 1.0 is susceptible to Cross Site Scripting (XSS) attacks. The issue is located in the
/add vendor.php endpoint. The vulnerability allows for the injection of malicious scripts through this endpoint.Recommendations
Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling or restricting access to the
/add vendor.php endpoint until a patch is available.Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Water Management System