Security Advisory

CVE-2025-27084

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-08 16:32:46

Last updated 2025-04-09 17:44:59

Assigner hpe

State PUBLISHED

Description

A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victims browser within the context of the affected interface.

← Browse all CVEs View on cve.org ↗