CVE-2025-9913

🗓️ 06 Oct 2025 06:40:49Reported by SICK AGType

Cross Site Scripting allows JavaScript in the address bar via Open in new Tab button, risking session hijacking.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2025-9913	6 Oct 202506:40	–	attackerkb
Circl	CVE-2025-9913	6 Oct 202507:06	–	circl
CNNVD	SICK AG Baggage Analytics 安全漏洞	6 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-9913 Cross Site Scripting: Session Hijacking	6 Oct 202506:40	–	cvelist
EUVD	EUVD-2025-32503	6 Oct 202506:40	–	euvd
NVD	CVE-2025-9913	6 Oct 202507:15	–	nvd
Positive Technologies	PT-2025-40856	6 Oct 202500:00	–	ptsecurity
Sick AG	Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products	2 Oct 202513:00	–	sick
Vulnrichment	CVE-2025-9913 Cross Site Scripting: Session Hijacking	6 Oct 202506:40	–	vulnrichment

NVD

Node

sick baggage_analytics

sick logistic_diagnostic_analytics

sick package_analytics

sick tire_analytics

[
  {
    "vendor": "SICK AG",
    "product": "Baggage Analytics",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.6.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "affected"
  },
  {
    "vendor": "SICK AG",
    "product": "Tire Analytics",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.6.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "affected"
  },
  {
    "vendor": "SICK AG",
    "product": "Package Analytics",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.6.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "affected"
  },
  {
    "vendor": "SICK AG",
    "product": "Logistic Diagnostic Analytics",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.6.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "affected"
  }
]

Source	Link
sick	www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
first	www.first.org/cvss/calculator/3.1
sick	www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
sick	www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf
sick	www.sick.com/psirt

13 May 2026 11:49Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.14.5 - 6.1

EPSS0.00058

SSVC

CWE-79