CVE-2025-0458

Name of the Vulnerable Software and Affected Versions Virtual Computer Vysual RH Solution version 2024.12.1

Description A problematic issue was found in the Login Panel component, specifically in the /index.php file, affecting an unknown functionality. The manipulation of the page argument leads to cross-site scripting. This issue can be exploited remotely. The exploit has been publicly disclosed, and the vendor was contacted but did not respond.

Recommendations For Virtual Computer Vysual RH Solution version 2024.12.1, as a temporary workaround, consider restricting access to the /index.php file of the Login Panel component to minimize the risk of exploitation. Avoid using the page argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.