CVE-2025-4417 – AVEVA PI Connector for CygNet Cross-Site Scripting (XSS)

CVE ID : CVE-2025-4417

Published : June 12, 2025, 8:15 p.m. | 45 minutes ago

Description : A cross-site scripting vulnerability exists in
AVEVA PI Connector for CygNet
Versions 1.6.14 and prior that, if exploited, could allow an
administrator miscreant with local access to the connector admin portal
to persist arbitrary JavaScript code that will be executed by other
users who visit affected pages.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…