147 matches found
CVE-2025-34257
The CVE-2025-34257 entry concerns Advantech WISE-DeviceOn Server (versions prior to 5.4). A stored XSS exists in the /rmm/v1/action/defined endpoint: when an authenticated user creates a task, the defined_name value is stored and later rendered in the Overview page without HTML sanitization. The ...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
PT-2025-49287
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/plugin-config/addins/menus endpoint. When an authenticated user adds or edits an AddIns menu entry, the label and path values are stored in plugin configuration data and lat...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...
Advantech WISE-DeviceOn Server 安全漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a hard-coded encryption key vulnerability that can be exploited by an attacker to impersonate an arbitrary account...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data...
PT-2025-49283
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devices/name/agent id endpoint. When an authenticated user renames a device, the new name value is stored and later rendered in device listings or detail views without prope...
PT-2025-49281
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/action/schedule endpoint. When an authenticated user adds a schedule to an existing task, the schedule name is stored and later rendered in schedule listings without HTML...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
PT-2025-49285
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/dog/agentId endpoint. When an authenticated user adds or edits Software Watchdog process rules for an agent, the monitored process name is stored in the settings array and...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
PT-2025-49282
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devicegroups/ endpoint. When an authenticated user creates a device group, the name and description values are stored and later rendered in device group listings without...
PT-2025-49286
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/rule-engines endpoint. When an authenticated user creates or updates a rule for an agent, the rule fields min, max, and unit are stored and later rendered in rule listings o...
PT-2025-49284
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/plugin-config/dashboards/menus endpoint. When an authenticated user adds or edits a dashboard entry, the label and path values are stored in plugin configuration data and...
PT-2025-49278
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/action/defined endpoint. When an authenticated user creates a task, the defined name value is stored and later rendered in the Overview page without HTML sanitization. An...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...
Advantech WISE-DeviceOn Server 跨站脚本漏洞
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied da...