Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/06/14 2:24 p.m.8 views

CVE-2025-49191

Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to...

4.8CVSS5.3AI score0.00287EPSS
Exploits0References1
NVD
NVD
added 2025/06/12 2:15 p.m.18 views

CVE-2025-49191

Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to...

6.1CVSS0.00287EPSS
Exploits0References6
CVE
CVE
added 2025/06/12 2:8 p.m.42 views

CVE-2025-49191

CVE-2025-49191 describes code execution via linked URLs embedded when creating iFrame widgets and dashboards. The vulnerability affects dashboards/iFrame widget creation where attacker-supplied URLs are embedded, enabling code execution when other users load the affected dashboard. Exploitation r...

6.1CVSS7.6AI score0.00287EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/06/12 2:8 p.m.17 views

CVE-2025-49191 Dashboards and iFrames can link malicious web content

Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to...

4.8CVSS0.00287EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/06/12 2:8 p.m.4 views

CVE-2025-49191 Dashboards and iFrames can link malicious web content

Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other users that access the dashboard by including malicious code. The attack is only possible if the attacker is authorized to...

4.8CVSS7.6AI score0.00287EPSS
Exploits0References6
Rows per page
Query Builder