Lucene search
K

5 matches found

NVD
NVD
added 2025/04/08 5:15 p.m.9 views

CVE-2025-27084

A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting XSS attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim's browser within the...

6.1CVSS0.00239EPSS
Exploits0References1
Circl
Circl
added 2025/04/08 4:46 p.m.3 views

CVE-2025-27084

creationtimestamp| type| source ---|---|--- 2025-04-08 16:46:22+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10936 2025-04-08 19:51:32+00:00| seen| https://t.me/cvedetector/22482...

6.1CVSS4.8AI score0.00239EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/08 4:32 p.m.6 views

CVE-2025-27084 Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal (CP) of an AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-based Management Interface

A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting XSS attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim's browser within the...

5.4CVSS5.3AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/08 4:32 p.m.15 views

CVE-2025-27084 Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal (CP) of an AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-based Management Interface

A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting XSS attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim's browser within the...

5.4CVSS0.00239EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 4:32 p.m.61 views

CVE-2025-27084

The CVE-2025-27084 issue concerns the Captive Portal in HPE AOS devices (AOS-10 GW and AOS-8 Controller/Mobility Conductor). Connected sources confirm a reflected cross-site scripting (XSS) vulnerability that could allow a remote attacker to execute arbitrary script code in a victim’s browser wit...

6.1CVSS6.3AI score0.00239EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder