2 matches found
CVE-2025-40892
A Stored Cross-Site Scripting vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing a JavaScript payload, or a victim can be socially engineered to import a...
CVE-2025-40892
CVE-2025-40892 is a Stored XSS in Nozomi Guardian/CMC Reports functionality caused by improper validation of an input parameter. An authenticated user with report privileges can craft or import a malicious report template containing JavaScript; when viewed or imported, the payload executes in the...