Security Advisory

CVE-2025-15112

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-30 22:41:46

Last updated 2026-03-11 19:29:59

Assigner VulnCheck

State PUBLISHED

Description

Ksenia Security lares (legacy model) version 1.6 contains a URL redirection vulnerability in the cmdOk.xml script that allows attackers to manipulate the redirectPage GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a specially constructed link hosted on a trusted domain.

← Browse all CVEs View on cve.org ↗