4 matches found
CVE-2025-28097
OneNav 1.1.0 is vulnerable to Cross Site Scripting XSS in custom headers...
CVE-2025-28097
OneNav 1.1.0 is vulnerable to Cross Site Scripting XSS in custom headers...
CVE-2025-28097
OneNav 1.1.0 is vulnerable to Cross Site Scripting XSS in custom headers...
CVE-2025-28097
OneNav 1.1.0 is vulnerable to Cross Site Scripting (XSS) in custom headers (CVE-2025-28097). The CVSS v3.1 vector (AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L) yields a base score of 5.5 (Medium). Exploitation details, affected components, and exact root cause are not fully enumerated in the provided doc...