4 matches found
CVE-2025-34264
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/dog/agentId endpoint. When an authenticated user adds or edits Software Watchdog process rules for an agent, the monitored process name is stored in the settings array and...
CVE-2025-34264 Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via dog/{agentId}
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/dog/agentId endpoint. When an authenticated user adds or edits Software Watchdog process rules for an agent, the monitored process name is stored in the settings array and...
CVE-2025-34264
Advantech WISE-DeviceOn Server (pre-5.4) is vulnerable to an authenticated stored XSS via the /rmm/v1/dog/{agentId} endpoint. When a user adds/edits Software Watchdog rules for an agent, the monitored process name is stored in a settings array and rendered in the Software Watchdog UI without prop...
PT-2025-49285
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/dog/agentId endpoint. When an authenticated user adds or edits Software Watchdog process rules for an agent, the monitored process name is stored in the settings array and...