Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:27 p.m.6 views

CVE-2025-15562

The server API endpoint /report/internet/urls reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim's browser if the victim opens a URL prepared by the attacker...

6.1CVSS6AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2026/02/19 11:15 a.m.7 views

CVE-2025-15562

The server API endpoint /report/internet/urls reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim's browser if the victim opens a URL prepared by the attacker...

6.1CVSS6AI score0.00156EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 10:54 a.m.13 views

CVE-2025-15562

CVE-2025-15562 is a reflected cross-site scripting vulnerability affecting NesterSoft WorkTime. The issue occurs at the server API endpoint /report/internet/urls, which reflects user-supplied data into the HTML response without proper encoding or filtering. This can allow an attacker to execute a...

6.1CVSS6AI score0.00156EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 10:54 a.m.4 views

CVE-2025-15562 Reflected Cross-Site Scripting in NesterSoft WorkTime

The server API endpoint /report/internet/urls reflects received data into the HTML response without applying proper encoding or filtering. This allows an attacker to execute arbitrary JavaScript in the victim's browser if the victim opens a URL prepared by the attacker...

6AI score0.00156EPSS
Exploits0References1
Rows per page
Query Builder