Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
References
| Link | Providers |
|---|---|
| https://jpn.nec.com/security-info/secinfo/nv25-005_en.html |
|
History
Wed, 17 Sep 2025 03:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Wed, 17 Sep 2025 02:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Wed, 17 Sep 2025 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser. | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: NEC
Published: 2025-09-17T02:10:09.645Z
Updated: 2025-09-17T02:10:50.272Z
Reserved: 2025-07-25T01:38:55.766Z
Link: CVE-2025-8153
Vulnrichment
No data.
NVD
Status : Received
Published: 2025-09-17T02:15:33.310
Modified: 2025-09-17T03:15:46.573
Link: CVE-2025-8153
Redhat
No data.