Security Advisory

CVE-2025-5015

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-25 16:23:54

Last updated 2025-06-25 20:09:56

Assigner icscert

State PUBLISHED

Description

A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one.

← Browse all CVEs View on cve.org ↗