CVE-2025-36748

Publication date

2025-12-13 08:16:23

Family

DIVD

State

PUBLISHED

Description

ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration web server. The JavaScript code snippet can be inserted in the communication module’s settings center. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious code.