CVE-2025-4417 – AVEVA PI Connector for CygNet Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4417

Published : June 12, 2025, 8:15 p.m. | 45 minutes ago

Description : A cross-site scripting vulnerability exists in
AVEVA PI Connector for CygNet
Versions 1.6.14 and prior that, if exploited, could allow an
administrator miscreant with local access to the connector admin portal
to persist arbitrary JavaScript code that will be executed by other
users who visit affected pages.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

نوشته های مشابه

CVE-2025-4227 – Palo Alto Networks GlobalProtect Unencrypted Packet Injection Vulnerability

CVE-2025-4229 – Palo Alto Networks PAN-OS SD-WAN Information Disclosure Vulnerability

CVE-2025-5491 – Acer ControlCenter Remote Code Execution Vulnerability

CVE-2025-5841 – WordPress ACF Onyx Poll Stored Cross-Site Scripting Vulnerability