Lucene search
K

147 matches found

CVE
CVE
added 2025/12/05 5:15 p.m.22 views

CVE-2025-34257

The CVE-2025-34257 entry concerns Advantech WISE-DeviceOn Server (versions prior to 5.4). A stored XSS exists in the /rmm/v1/action/defined endpoint: when an authenticated user creates a task, the defined_name value is stored and later rendered in the Overview page without HTML sanitization. The ...

5.4CVSS5AI score0.00221EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...

5.4CVSS6.1AI score0.00172EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.5 views

PT-2025-49287

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/plugin-config/addins/menus endpoint. When an authenticated user adds or edits an AddIns menu entry, the label and path values are stored in plugin configuration data and lat...

5.1CVSS5.4AI score0.00182EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...

5.4CVSS6.1AI score0.00172EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Advantech WISE-DeviceOn Server 安全漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a hard-coded encryption key vulnerability that can be exploited by an attacker to impersonate an arbitrary account...

10CVSS6.7AI score0.00604EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...

5.4CVSS6AI score0.00221EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...

5.4CVSS6AI score0.00216EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.5 views

PT-2025-49283

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devices/name/agent id endpoint. When an authenticated user renames a device, the new name value is stored and later rendered in device listings or detail views without prope...

5.1CVSS5.4AI score0.00182EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.3 views

PT-2025-49281

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/action/schedule endpoint. When an authenticated user adds a schedule to an existing task, the schedule name is stored and later rendered in schedule listings without HTML...

5.1CVSS5.4AI score0.00216EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...

5.4CVSS6.1AI score0.00182EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...

5.4CVSS6AI score0.00221EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...

5.4CVSS6.1AI score0.00182EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.5 views

PT-2025-49285

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/dog/agentId endpoint. When an authenticated user adds or edits Software Watchdog process rules for an agent, the monitored process name is stored in the settings array and...

5.1CVSS5.4AI score0.00172EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...

5.4CVSS6AI score0.00182EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.8 views

PT-2025-49282

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devicegroups/ endpoint. When an authenticated user creates a device group, the name and description values are stored and later rendered in device group listings without...

5.1CVSS5.4AI score0.00221EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.5 views

PT-2025-49286

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/rule-engines endpoint. When an authenticated user creates or updates a rule for an agent, the rule fields min, max, and unit are stored and later rendered in rule listings o...

5.1CVSS5.5AI score0.00172EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.5 views

PT-2025-49284

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/plugin-config/dashboards/menus endpoint. When an authenticated user adds or edits a dashboard entry, the label and path values are stored in plugin configuration data and...

5.1CVSS5.4AI score0.00172EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.7 views

PT-2025-49278

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/action/defined endpoint. When an authenticated user creates a task, the defined name value is stored and later rendered in the Overview page without HTML sanitization. An...

5.1CVSS5.4AI score0.00221EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.6 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...

5.4CVSS6.1AI score0.00172EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.6 views

Advantech WISE-DeviceOn Server 跨站脚本漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...

5.4CVSS6.1AI score0.00221EPSS
Exploits0References4
Rows per page
Query Builder