CVE-2025-63211 – Bridgetech VBC Server & Element Manager Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-63211

Published : Nov. 19, 2025, 7:15 p.m. | 37 minutes ago

Description : Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5.0-10, allows attackers to execute arbitrary code via the addName parameter to the /vbc/core/userSetupDoc/userSetupDoc endpoint.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…