CVE-2025-12776 | Commvault WebConsole up to 11.32.0/11.36.0/11.40.0/11.42.0 Report Builder cross site scripting

A vulnerability identified as problematic has been detected in Commvault WebConsole up to 11.32.0/11.36.0/11.40.0/11.42.0. The affected element is an unknown function of the component Report Builder. This manipulation causes cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is tracked as CVE-2025-12776. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2025-12776 | Commvault WebConsole up to 11.32.0/11.36.0/11.40.0/11.42.0 Report Builder cross site scripting

Post correlati

CVE-2025-6585 | WP JobHunt Plugin up to 7.2 on WordPress cs_remove_profile_callback resource injection

CVE-2025-11902 | yanyutao0402 ChanCMS up to 3.3.2 /cms/article/findField cid sql injection

CVE-2025-48129 | Spreadsheet Price Changer for WooCommerce and WP E-commerce Plugin Remote Code Execution

CVE-2024-21655 | Discourse up to 3.1.3/3.2.0.beta3 resource consumption