PT-2025-9871 · Unknown · Unifiedtransform

Armaansidana2003

Publicado

2025-03-05

Atualizado

2025-06-23

CVE-2025-25620

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Unifiedtransform versions 2.X

Description The issue is related to Stored Cross-Site Scripting (XSS) in the "Create Assignment" function, allowing attackers to execute malicious scripts in the context of other users.

Recommendations For Unifiedtransform version 2.X, consider disabling the "Create Assignment" function until a patch is available to prevent exploitation. Restrict access to this function to minimize the risk of malicious script execution.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2025-25620

Produtos afetados

Unifiedtransform

PT-2025-9871 · Unknown · Unifiedtransform

CVE-2025-25620

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10