CVE-2025-52358 Information

Jul 30, 2025 cve

Description

A cross-site scripting vulnerability in Vivaldi United Group iCONTROL+ Server including Firmware version 4.7.8.0.eden Logic version 5.32 and below. This issue allows attackers to inject JavaScript payloads within the error or edit-menu-item parameters which are then executed in the victim’s browser session.

Reference

https://github.com/MatJosephs/CVEs/blob/main/CVE-2025-52358/README.md https://vivaldigroup.it/en/

CNNVD-202507-3612 (Published: 2025-07-29)

Share on:

CVE-2025-52358 Information

Description

Reference

Related CNNVD