Security Advisory

CVE-2025-3718

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-07 12:33:18

Last updated 2025-10-07 13:21:49

Assigner Nozomi

State PUBLISHED

Description

A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter. An authenticated user with limited privileges can craft a malicious URL which, if visited by an authenticated victim, leads to a Cross-Site Scripting (XSS) attack.

← Browse all CVEs View on cve.org ↗