CVE-2025-3718

Name of the Vulnerable Software and Affected Versions versions prior to 2025-3718

Description A client-side path traversal issue exists in the web management interface front-end because of inadequate input validation. An authenticated user with limited privileges can create a malicious URL. Visiting this URL by an authenticated victim can result in a Cross-Site Scripting (XSS) attack. The vulnerability involves a missing validation of an input parameter.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.