CVE-2025-9292

Name of the Vulnerable Software and Affected Versions Omada Cloud Controller (affected versions not specified)

Description A permissive web security configuration may allow cross-origin restrictions enforced by modern browsers to be bypassed under specific circumstances. Exploitation requires the presence of an existing client-side injection issue and user access to the affected web interface. Successful exploitation could allow unauthorized disclosure of sensitive information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.