Security Advisory

CVE-2025-13902

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-10 17:06:00

Last updated 2026-03-10 18:19:19

Assigner schneider

State PUBLISHED

Description

CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists that could cause condition where authenticated attackers can have a victim’s browser run arbitrary JavaScript when the victim hovers over a maliciously crafted element on a web server containing the injected payload.

← Browse all CVEs View on cve.org ↗