- Description
- A vulnerability was found in ESAFENET CDG V5 and classified as problematic. This issue affects some unknown processing of the file /SysConfig.jsp. The manipulation of the argument help leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
- Products
- cdg
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:P/A:N
- cna@vuldb.com
- CWE-79
- Hype score
- Not currently trending
- CVE-2025-0785 Cross-Site Scripting in ESAFENET CDG V5 via /SysConfig.jsp Help Argument https://t.co/btywKNXXVI - @VulmonFeeds - 28 Jan 2025 - 4 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
- CVE-2025-0785 A vulnerability was found in ESAFENET CDG V5 and classified as problematic. This issue affects some unknown processing of the file /SysConfig.jsp. The manipulation of t… https://t.co/DfAtBOqhEf - @CVEnew - 28 Jan 2025 - 413 Impressions - 0 Retweets - 1 Like - 0 Bookmarks - 0 Replies - 0 Quotes 
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:esafenet:cdg:5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94F213FF-17EB-4B99-9621-80792AD14A74"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]