CVE-2025-55618

CVSS v3.1

7.3

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Hyundai Navigation App version STD5W.EUR.HMC.230516.afa908d

Description: An attacker can inject HTML payloads into the profile name field within the navigation application, leading to the rendering of the injected content.

Recommendations: Sanitize user-supplied input for the profile name field to prevent the injection of HTML payloads.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-55618

Affected Products

Hyundai Navigation App

CVE-2025-55618

Weakness Enumeration

Related Identifiers

Affected Products

References · 7