PT-2025-35144 · Weaver · Weaver E-Mobile Mobile Management Platform
Goojar
·
Published
2025-08-28
·
Updated
2025-08-29
·
CVE-2025-9590
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Weaver E-Mobile Mobile Management Platform versions prior to 20250814
Description
A cross site scripting issue exists in Weaver E-Mobile Mobile Management Platform. The
gohome argument can be manipulated to trigger this issue. This attack can be initiated remotely. The exploit is publicly available. The vendor was contacted regarding this disclosure but did not respond.Recommendations
Update Weaver E-Mobile Mobile Management Platform to a version later than 20250813.
Exploit
Fix
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Weaver E-Mobile Mobile Management Platform