Security Advisory

CVE-2025-2775

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-07 14:43:23

Last updated 2025-11-19 18:33:18

Assigner VulnCheck

State PUBLISHED

Description

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

← Browse all CVEs View on cve.org ↗