Security Advisory

CVE-2025-5990

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-15 18:01:09

Last updated 2025-06-16 13:48:53

Assigner GitLab

State PUBLISHED

Description

An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input.

← Browse all CVEs View on cve.org ↗