Security Advisory

CVE-2025-40642

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-08 11:25:15

Last updated 2025-09-08 13:36:31

Assigner INCIBE

State PUBLISHED

Description

Reflected Cross-Site Scripting (XSS) vulnerability in WebWork, which allows remote attackers to execute arbitrary code through the q and engine request parameters in /search.

← Browse all CVEs View on cve.org ↗