PT-2025-29451 · Adm+1 · Adm+1
Engin Aydoğan
·
Published
2025-07-14
·
Updated
2025-07-18
·
CVE-2025-7618
CVSS v4.0
4.8
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions:
ADM versions 4.1.0 through 4.3.3.RH61
ADM version 5.0.0.RIN1 and earlier
Text Editor version 1.0.0.r112 and earlier
Description:
A stored Cross-Site Scripting (XSS) vulnerability exists in the File Explorer and Text Editor of ADM. An attacker could exploit this vulnerability to inject malicious scripts into the applications, potentially gaining access to cookies or other sensitive information retained by the browser and used with the affected applications.
Recommendations:
Update ADM to a version later than 4.3.3.RH61.
Update ADM to a version later than 5.0.0.RIN1.
Update Text Editor to a version later than 1.0.0.r112.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Adm
Ktexteditor