CVE-2025-43924 | Unicom Focal Point 7.6.1 loginpage SettingController val cross site scripting

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability classified as problematic has been found in Unicom Focal Point 7.6.1. This affects the function SettingController of the file /fp/admin/settings/loginpage. The manipulation of the argument val leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-43924. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-43924 | Unicom Focal Point 7.6.1 loginpage SettingController val cross site scripting

Post correlati

CVE-2023-47852 | Link Whisper Free Plugin up to 0.6.5 on WordPress sql injection

CVE-2024-0337 | Travelpayouts Plugin up to 1.1.15 on WordPress travelpayouts_redirect

CVE-2024-32876 | TeamNewPipe NewPipe App up to 0.26.1 on Android deserialization (GHSA-wxrm-jhpf-vp6v)

CVE-2024-32133 | Michael Schuppenies EZ Form Calculator Plugin up to 2.14.0.3 on WordPress cross site scripting