CVE-2025-11189 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The Kiwire Captive Portal contains a reflected cross-site scripting (XSS) vulnerability within the login-url parameter, allowing for Javascript execution.
High CVSS: 7.3

CVE-2025-11189

The Kiwire Captive Portal contains a reflected cross-site scripting (XSS) vulnerability within the login-url parameter, allowing for Javascript execution.
Vendor
Synchroweb
Product
Kiwire
CWE
CWE-79
Yayın Tarihi
2025-10-10 11:15:41
Güncelleme
2025-11-17 14:38:39
Source Identifier
cret@cert.org
KEV Date Added
-

Kategoriler

CWE-79 Kiwire HIGH Synchroweb 2025

Referanslar

https://www.synchroweb.com/release-notes/kiwire/security https://www.kb.cert.org/vuls/id/887923