CVE-2025-0583

Medium CVSS: 6.1

The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

Vendor

Aenrich

Product

A\+hrd

CWE

CWE-79

Yayın Tarihi

2025-01-20 02:15:19

Güncelleme

2025-11-17 19:15:59

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-79 A\+hrd MEDIUM Aenrich 2025

Referanslar

https://www.twcert.org.tw/en/cp-139-8369-cf396-2.html https://www.twcert.org.tw/tw/cp-132-8368-1e317-1.html

Benzer Kayıtlar

Medium

CVE-2025-12869

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administr…

Critical

CVE-2025-12870

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to s…

Critical

CVE-2025-12871

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to c…

Medium

CVE-2025-0584

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploi…

Critical

CVE-2025-0585

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject…

High

CVE-2025-0586

The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database…