3 matches found
CVE-2025-59901
Disk Pulse Enterprise v10.4.18 has an authenticated reflected XSS vulnerability in the '/monitordirectory?sid=' endpoint, caused by insufficient validation of the 'monitordirectory' parameter sent by POST. An attacker could exploit this weakness to send malicious content to an authenticated user...
CVE-2025-59901
CVE-2025-59901 describes an authenticated reflected XSS in Disk Pulse Enterprise v10.4.18. The vulnerability is located in the /monitor_directory?sid= endpoint and arises from insufficient validation of the monitor_directory parameter sent via POST. An attacker could craft input that, when viewed...
Flexense Disk Pulse Enterprise Cross-Site Request Forgery Vulnerability
Flexense Disk Pulse Enterprise is a real-time file system monitoring software developed by Flexense Corporation. Version 10.4.18 of Flexense Disk Pulse Enterprise contains a cross-site request forgeing vulnerability. This vulnerability stems from insufficient user input validation for the...