2 matches found
CVE-2025-40890 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0
A Stored Cross-Site Scripting vulnerability was discovered in the Dashboards functionality due to improper validation of an input parameter. An authenticated low-privilege user can craft a malicious dashboard containing a JavaScript payload and share it with victim users, or a victim can be...
CVE-2025-40890
CVE-2025-40890 is a stored Cross-Site Scripting (XSS) vulnerability in the Dashboards feature of Nozomi Networks Guardian/CMC. The issue stems from improper validation of input parameters, enabling an authenticated, low-privilege user to craft and share a malicious dashboard containing JavaScript...