CVE-2025-8428 | Centreon Infra Monitoring up to 23.10.27/24.04.17/24.10.12 HTTP Loader Widget cross site scripting

Inserito da Angelo Barbosa | Ott 14, 2025 | CVE

A vulnerability categorized as problematic has been discovered in Centreon Infra Monitoring up to 23.10.27/24.04.17/24.10.12. The impacted element is an unknown function of the component HTTP Loader Widget Module. Such manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2025-8428. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2025-8428 | Centreon Infra Monitoring up to 23.10.27/24.04.17/24.10.12 HTTP Loader Widget cross site scripting

Post correlati

CVE-2024-2342 | Appointment Booking Calendar Plugin up to 1.6.7.7 on WordPress Shortcode sql injection

CVE-2024-10460 | Mozilla Firefox up to 131 iFrame ui layer

CVE-2024-54282 | Themeum WP Mega Menu Plugin up to 1.4.2 on WordPress deserialization

CVE-2024-45807 | Envoy 1.31.0/1.31.1 control flow (GHSA-qc52-r4x5-9w37)