- Description
- The user input was not sanitized on Reporting Hierarchy Management page of Foreseer Reporting Software (FRS) application which could lead into execution of arbitrary JavaScript in a browser context for all the interacting users. This security issue has been patched in the latest version 1.5.100 of the FRS.
- Source
- CybersecurityCOE@eaton.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
- CybersecurityCOE@eaton.com
- CWE-79
- Hype score
- Not currently trending
🚨 CVE-2025-22491 🟠 MEDIUM (6.7) 🏢 Eaton - Foreseer Reporting Software (FRS) 🏗️ 0 🔗 https://t.co/jiH9DXYjec #CyberCron #VulnAlert https://t.co/lvmQ9TI0m8
@cybercronai
1 Mar 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22491 Cross-Site Scripting (XSS) in Foreseer Reporting Software Reporting Hierarchy Management https://t.co/7j69NjQ35u
@VulmonFeeds
28 Feb 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes