4 matches found
CVE-2025-2124
A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0. This affects an unknown part of the file /v2/customerdb/person.svc/changepassword of the component API Handler. The manipulation of the argument message leads to cross site scripting. It is possible to...
CVE-2025-2124
creationtimestamp| type| source ---|---|--- 2025-03-09 15:37:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6966 2025-03-09 17:56:59+00:00| seen| https://t.me/cvedetector/19925 2025-03-09 19:05:21+00:00| seen|...
CVE-2025-2124 Control iD RH iD API change_password cross site scripting
A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0. This affects an unknown part of the file /v2/customerdb/person.svc/changepassword of the component API Handler. The manipulation of the argument message leads to cross site scripting. It is possible to...
CVE-2025-2124
CVE-2025-2124 affects Control iD RH iD 25.2.25.0. The issue resides in the API handler, specifically the file path /v2/customerdb/person.svc/change_password, where manipulation of the argument message leads to cross-site scripting. It can be initiated remotely and the exploit has been disclosed p...