CNNVD-202510-1328 Information

CNNVD ID

CNNVD-202510-1328

Related CVE

CVE-2025-10240

• CNNVD Published: 2025-10-09

Description (Chinese)

Progress Flowmon是Progress公司的一个实时网络流量监控工具。 Progress Flowmon 12.5.5之前版本存在跨站脚本漏洞，该漏洞源于用户点击恶意链接可能触发意外操作，可能导致跨站请求伪造攻击。

Description (English)

Progress Flowmon is a real-time network traffic monitoring tool for Progress. Progress Flowmon 12.5.5 has a cross-site script loophole, which stems from the fact that a user clicking on a malicious link could trigger an accidental operation and could lead to cross-site requests for a false attack.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

Progress

Published

2025-10-09

Last Modified

2026-02-24

References

https://community.progress.com/s/article/Can-CVE-2025-10240-affect-Progress-Flowmon-appliance https://access.redhat.com/security/cve/cve-2025-10240

Patch

https://community.progress.com/s/article/Can-CVE-2025-10240-affect-Progress-Flowmon-appliance