PT-2025-43982 · Bae Systems · Bae Socet Gxp
Published
2025-10-27
·
Updated
2025-10-27
·
CVE-2025-54967
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
BAE SOCET GXP versions prior to 4.6.0.3
Description
The software allows external entities within XML-based files. An attacker can potentially compromise sensitive information by social engineering a user into opening a malicious file, which could trigger outbound requests.
Recommendations
Update to version 4.6.0.3 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bae Socet Gxp