CVE-2025-9143 Information
Aug 20, 2025
cve
Description
A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailing_lists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Reference
https://github.com/KarinaGante/KGSec/blob/main/CVEs/Scada-LTS/3.md https://github.com/KarinaGante/KGSec/blob/main/CVEs/Scada-LTS/3.md#poc https://vuldb.com/?ctiid.320521 https://vuldb.com/?id.320521 https://vuldb.com/?submit.628437
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
LOW
Base Score
NONE
Base Severity
3.5
Related CNNVD
CNNVD-202508-2107 (Published: 2025-08-19)
Share on: