CVE-2025-1810 | Pixsoft Vivaz 6.0.11 Login Endpoint sistema cross site scripting

A vulnerability was found in Pixsoft Vivaz 6.0.11. It has been classified as problematic. Affected is an unknown function of the file /servlet?act=login&submit=1&evento=0&pixrnd=0125021817031859360231 of the component Login Endpoint. The manipulation of the argument sistema leads to cross site scripting.

This vulnerability is traded as CVE-2025-1810. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-1810 | Pixsoft Vivaz 6.0.11 Login Endpoint sistema cross site scripting

Post correlati

CVE-2024-11961 | Guangzhou Huayi Intelligent Technology Jeewms 3.7 WmOmNoticeHController.java preHandle request information disclosure

CVE-2023-49330 | Zoho ManageEngine ADAudit Plus up to 7271 Report Data Aggregation injection

CVE-2023-3511 | GitLab Enterprise Edition prior 16.4.4/16.5.4/16.6.2 Private Project access control

CVE-2023-7150 | Chic Beauty Salon 20230703 Product product-list.php unrestricted upload