CVE-2025-59900 | Flexense Sync Breeze Enterprise Server 10.4.18 /server_options cross site scripting

Inserito da Angelo Barbosa | Gen 28, 2026 | CVE

A vulnerability was found in Flexense Sync Breeze Enterprise Server and Disk Pulse Enterprise 10.4.18 and classified as problematic. This vulnerability affects unknown code of the file /server_options. Such manipulation of the argument tasks_logs_dir/errors_logs_dir/error_notifications_address/status_notifications_address/status_reports_address leads to cross site scripting.

This vulnerability is traded as CVE-2025-59900. The attack may be launched remotely. There is no exploit available.

CVE-2025-59900 | Flexense Sync Breeze Enterprise Server 10.4.18 /server_options cross site scripting

Post correlati

CVE-2024-43648 | Iocharger prior 24120701 os command injection (DIVD-2024-00035)

CVE-2024-29733 | Apache Airflow up to 3.6.x FTP Provider certificate validation

CVE-2025-10636 | NS Maintenance Mode for WP Plugin up to 1.3.1 on WordPress cross site scripting

CVE-2024-41118 | opengeos streamlit-geospatial 7_ get_layers url server-side request forgery (GHSL-2024-100)