CNNVD-202506-3193 Information

CNNVD ID

CNNVD-202506-3193

Related CVE

CVE-2025-5015

• CNNVD Published: 2025-06-25

Description (Chinese)

Parsons Utility Enterprise Data Management是美国Parsons公司的一个运营数据的解决方案 Parsons Utility Enterprise Data Management存在跨站脚本漏洞，该漏洞源于未经验证的用户可替换RSS feed URL为恶意URL。

Description (English)

Parsons Utility Enterprise Data Management is a solution to the operating data of Parsons. Parsons Utility Enterprise Data Management has a cross-site script loophole, which results from uncertified users who can replace RSS feed URLs as malicious URLs.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

Parsons

Published

2025-06-25

Last Modified

2026-02-24

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-06 https://nvd.nist.gov/vuln/detail/CVE-2025-5015

Patch

https://www.parsons.com/products/utility-edm/