CNNVD-202511-2752 Information

Nov 25, 2025 cve

CNNVD ID

CNNVD-202511-2752

CVE-2025-40890

CNNVD Published: 2025-11-25

Description (Chinese)

Nozomi Networks CMC和Nozomi Networks Guardian都是美国Nozomi Networks公司的产品。Nozomi Networks CMC是一款网络管理平台。Nozomi Networks Guardian是一款防护软件。 Nozomi Networks CMC和Nozomi Networks Guardian v25.4.0之前版本存在跨站脚本漏洞，该漏洞源于Dashboards功能中输入参数验证不当，可能导致存储型跨站脚本攻击。

Description (English)

Nozomi Networks CMC and Nozomi Networks Guardian are products of Nozomi Networks in the United States. Nozomi Networks CMC is a web-based management platform. Nozomi Networks Guardian is a protective software. Nozomi Networks CMC and Nozomi Networks Guardian v25.4.0 had a cross-site script loophole, which stemmed from the improper verification of input parameters in the Dashboards function and could result in a storage-type cross-site script attack.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

Nozomi Networks

Published

2025-11-25

Last Modified

2026-02-24

References

https://security.nozominetworks.com/NN-2025:11-01

Patch

https://security.nozominetworks.com/NN-2025:11-01

Share on: