- Description
- Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS. A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.
- Source
- bd4443e6-1eef-43f3-9886-25fc9ceeaae7
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.4
- Impact score
- 6
- Exploitability score
- 1.7
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
- Severity
- HIGH
- bd4443e6-1eef-43f3-9886-25fc9ceeaae7
- CWE-494
- Hype score
- Not currently trending
CVE-2025-4648 Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS. A user with elevated privileges can inject XSS by altering the content of a… https://t.co/XDpoSXrlon
@CVEnew
13 May 2025
474 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-4648: HIGH] Vulnerability found in Centreon web's integrity check process allows for a Reflected XSS attack. Issue affects versions from 24.10.0 to 22.10.29. Patch available in versions 24.10.5, 24.0...#cve,CVE-2025-4648,#cybersecurity https://t.co/Zhb6ZrqSQA https://t.
@CveFindCom
13 May 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes