PT-2025-49589 · Barix · Barix Instreamer
Iyadalkhatib98 · Published 2025-12-08 · Updated 2025-12-09 · CVE-2025-65231
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Barix Instreamer versions prior to 04.07
Description
The software contains a cross-site scripting (XSS) issue in the Web UI. The vulnerable parameter is the CTS close command user-input field on the I/O & Serial configuration page. This field stores user-provided data, which is subsequently rendered on the Status page, creating a potential for XSS attacks.
Recommendations
Update to version 04.07 or later.
Affected Products
Barix Instreamer