Security Advisory

CVE-2025-24344

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-30 11:33:44

Last updated 2025-04-30 14:52:12

Assigner bosch

State PUBLISHED

Description

A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary client-side code in the context of another users browser via a crafted HTTP request.

← Browse all CVEs View on cve.org ↗