CVE-2025-9095 ExpressGateway express-gateway REST Endpoint users.js cross site scripting

A flaw has been found in ExpressGateway express-gateway up to 1.16.10. This issue affects some unknown processing in the library lib/rest/routes/users.js of the component REST Endpoint. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVE-2025-9095 ExpressGateway express-gateway REST Endpoint users.js cross site scripting

A flaw has been found in ExpressGateway express-gateway up to 1.16.10. This issue affects some unknown processing in the library lib/rest/routes/users.js of the component REST Endpoint. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

PT-2025-33620 · Unknown · Express Gateway

Name of the Vulnerable Software and Affected Versions: ExpressGateway versions up to 1.16.10 Description: A flaw has been found in ExpressGateway affecting processing within the lib/rest/routes/users.js library of the REST Endpoint component. Manipulation of this component can lead to cross site...

ABB Cylon FLXeon 9.3.4 (users.js) Authenticated Root Remote Code Execution

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...