Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/10/14 3:14 p.m.1 views

CVE-2025-62172 Home Assistant vulnerable to Stored XSS in Energy dashboard from Energy Entity Name

Home Assistant is open source home automation software that puts local control and privacy first. In versions 2025.1.0 through 2025.10.1, the energy dashboard is vulnerable to stored cross-site scripting. An authenticated user can inject malicious JavaScript code into an energy entity's name fiel...

9.3CVSS6.1AI score0.00512EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 3:14 p.m.48 views

CVE-2025-62172

Summary of vulnerability (CVE-2025-62172) : Home Assistant Energy dashboard in versions 2025.1.0–2025.10.1 is vulnerable to stored XSS via HTML in energy entity names. An authenticated user can inject JavaScript that executes in other users’ sessions when hovering graph tooltips, because entity n...

9.3CVSS6.1AI score0.00512EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 3:14 p.m.8 views

CVE-2025-62172 Home Assistant vulnerable to Stored XSS in Energy dashboard from Energy Entity Name

Home Assistant is open source home automation software that puts local control and privacy first. In versions 2025.1.0 through 2025.10.1, the energy dashboard is vulnerable to stored cross-site scripting. An authenticated user can inject malicious JavaScript code into an energy entity's name fiel...

9.3CVSS6.5AI score0.00512EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/14 3:14 p.m.12 views

CVE-2025-62172 Home Assistant vulnerable to Stored XSS in Energy dashboard from Energy Entity Name

Home Assistant is open source home automation software that puts local control and privacy first. In versions 2025.1.0 through 2025.10.1, the energy dashboard is vulnerable to stored cross-site scripting. An authenticated user can inject malicious JavaScript code into an energy entity's name fiel...

9.3CVSS0.00512EPSS
Exploits0References1
Rows per page
Query Builder