Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting

链接： https://github.com/advisories/GHSA-6qwv-2xc3-64j3

CVSS 评分： 9.3

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-6185
https://leviton.com/support/resources/product-support
https://www.cisa.gov/news-events/ics-advisories/icsa-25-198-01
https://github.com/advisories/GHSA-6qwv-2xc3-64j3

描述：

Leviton AcquiSuite and Energy Monitoring Hub
are susceptible to a cross-site scripting vulnerability, allowing
an attacker to craft a malicious payload in URL parameters, which would
execute in a client browser when accessed by a user, steal session
tokens, and control the service.

安全公告

#Github Advisory

Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting

http://example.com/2025/07/18/github_2809988523/

作者

lianccc

发布于

2025年7月18日

许可协议

Roundcube Webmail PHP Object Deserialization Vulnerability 上一篇

NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to 下一篇