Security Advisory

CVE-2025-10909

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-24 16:32:06

Last updated 2025-10-20 04:39:51

Assigner VulDB

State PUBLISHED

Description

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.

← Browse all CVEs View on cve.org ↗