PT-2026-1950 · Broadcom · Broadcom Dx Netops Spectrum

Published

2026-01-12

Updated

2026-01-12

CVE-2025-69275

CVSS v4.0

7.1

High

Vector

AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N

Name of the Vulnerable Software and Affected Versions Broadcom DX NetOps Spectrum versions 24.3.9 and earlier

Description The software has a flaw due to reliance on a vulnerable third-party component, which allows for DOM-Based Cross-Site Scripting (XSS). DOM-Based XSS occurs when client-side scripts process data from an untrusted source, potentially leading to malicious code execution in the user's browser.

Recommendations Update Broadcom DX NetOps Spectrum to a version later than 24.3.9.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-1395

Related Identifiers

CVE-2025-69275

Affected Products

Broadcom Dx Netops Spectrum

PT-2026-1950 · Broadcom · Broadcom Dx Netops Spectrum

CVE-2025-69275

Weakness Enumeration

Related Identifiers

Affected Products

References · 6