CVE-2025-15437 LigeroSmart Environment Variable cross site scripting

🗓️ 02 Jan 2026 08:32:06Reported by VulDBType

LigeroSmart up to 6.1.24 has environment variable handler XSS via REQUEST_URI; upgrade to 6.1.26 or 6.3.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2025-15437	2 Jan 202608:32	–	attackerkb
CNNVD	LigeroSmart 代码注入漏洞	2 Jan 202600:00	–	cnnvd
CVE	CVE-2025-15437	2 Jan 202608:32	–	cve
EUVD	EUVD-2026-0702	2 Jan 202608:32	–	euvd
NVD	CVE-2025-15437	2 Jan 202609:15	–	nvd
Positive Technologies	PT-2026-1060	2 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-15437	3 Jan 202609:00	–	redhatcve
Vulnrichment	CVE-2025-15437 LigeroSmart Environment Variable cross site scripting	2 Jan 202608:32	–	vulnrichment

[
  {
    "vendor": "n/a",
    "product": "LigeroSmart",
    "versions": [
      {
        "version": "6.1.0",
        "status": "affected"
      },
      {
        "version": "6.1.1",
        "status": "affected"
      },
      {
        "version": "6.1.2",
        "status": "affected"
      },
      {
        "version": "6.1.3",
        "status": "affected"
      },
      {
        "version": "6.1.4",
        "status": "affected"
      },
      {
        "version": "6.1.5",
        "status": "affected"
      },
      {
        "version": "6.1.6",
        "status": "affected"
      },
      {
        "version": "6.1.7",
        "status": "affected"
      },
      {
        "version": "6.1.8",
        "status": "affected"
      },
      {
        "version": "6.1.9",
        "status": "affected"
      },
      {
        "version": "6.1.10",
        "status": "affected"
      },
      {
        "version": "6.1.11",
        "status": "affected"
      },
      {
        "version": "6.1.12",
        "status": "affected"
      },
      {
        "version": "6.1.13",
        "status": "affected"
      },
      {
        "version": "6.1.14",
        "status": "affected"
      },
      {
        "version": "6.1.15",
        "status": "affected"
      },
      {
        "version": "6.1.16",
        "status": "affected"
      },
      {
        "version": "6.1.17",
        "status": "affected"
      },
      {
        "version": "6.1.18",
        "status": "affected"
      },
      {
        "version": "6.1.19",
        "status": "affected"
      },
      {
        "version": "6.1.20",
        "status": "affected"
      },
      {
        "version": "6.1.21",
        "status": "affected"
      },
      {
        "version": "6.1.22",
        "status": "affected"
      },
      {
        "version": "6.1.23",
        "status": "affected"
      },
      {
        "version": "6.1.24",
        "status": "affected"
      },
      {
        "version": "6.1.26",
        "status": "unaffected"
      },
      {
        "version": "6.3",
        "status": "unaffected"
      }
    ],
    "modules": [
      "Environment Variable Handler"
    ]
  }
]

Source	Link
github	www.github.com/LigeroSmart/ligerosmart/releases/tag/6.1.26
github	www.github.com/LigeroSmart/ligerosmart/issues/278
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/LigeroSmart/ligerosmart/issues/278
github	www.github.com/LigeroSmart/ligerosmart/commit/264ac5b2be5b3c673ebd8cb862e673f5d300d9a7
vuldb	www.vuldb.com/
github	www.github.com/LigeroSmart/ligerosmart/

23 Feb 2026 08:09Current

CVSS 3.13.5

CVSS 33.5

CVSS 24

CVSS 45.1

EPSS0.00008