Security Advisory

CVE-2025-3448

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-07 18:21:12

Last updated 2025-10-08 13:11:13

Assigner ABB

State PUBLISHED

Description

Reflected cross-site scripting (XSS) vulnerabilities exist in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session

← Browse all CVEs View on cve.org ↗