CVE-2025-41021 | Sergestec SISTICK 7.2 index.php?action=product_update obs cross site scripting

Inserito da Angelo Barbosa | Ott 16, 2025 | CVE

A vulnerability was found in Sergestec SISTICK 7.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/index.php?action=product_update. The manipulation of the argument obs leads to cross site scripting.

This vulnerability is traded as CVE-2025-41021. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-41021 | Sergestec SISTICK 7.2 index.php?action=product_update obs cross site scripting

Post correlati

CVE-2024-13892 | Smartwares CIP-37210AT/C724IP up to 3.3.0 command injection

CVE-2023-40464 | Sierra Wireless ALEOS up to 4.9.8/4.16 hard-coded key (swi-psa-2023-006)

CVE-2024-3792 | White Bear Solutions WBSAirback 21.02.04 URL /admin/DeviceReplication range cross site scripting

CVE-2024-0577 | Totolink LR1200GB 9.1.0u.6619_B20230130 /cgi-bin/cstecgi.cgi setLanguageCfg lang stack-based overflow