CVE-2025-15437

Medium CVSS: 5.1

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUEST_URI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 6.1.26 and 6.3 is able to mitigate this issue. The patch is named 264ac5b2be5b3c673ebd8cb862e673f5d300d9a7. The affected component should be upgraded.

Vendor

Ligerosmart

Product

Ligerosmart

CWE

CWE-79

Yayın Tarihi

2026-01-02 09:15:42

Güncelleme

2026-02-27 03:39:52

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 Ligerosmart MEDIUM Ligerosmart 2026

Referanslar

https://github.com/LigeroSmart/ligerosmart/ https://github.com/LigeroSmart/ligerosmart/commit/264ac5b2be5b3c673ebd8cb862e673f5d300d9a7 https://github.com/LigeroSmart/ligerosmart/issues/278 https://github.com/LigeroSmart/ligerosmart/issues/278#issuecomment-3675129508 https://github.com/LigeroSmart/ligerosmart/releases/tag/6.1.26 https://vuldb.com/?ctiid.339364 https://vuldb.com/?id.339364 https://vuldb.com/?submit.729021

Benzer Kayıtlar

Medium

CVE-2026-2546

A security vulnerability has been detected in LigeroSmart up to 6.1.26. The affected element is an unknown function of t…

Medium

CVE-2026-2547

A vulnerability was detected in LigeroSmart up to 6.1.26. The impacted element is the function AgentDashboard of the fil…

Medium

CVE-2026-2545

A weakness has been identified in LigeroSmart up to 6.1.26. Impacted is an unknown function of the file /otrs/index.pl?A…

Medium

CVE-2026-1049

A security vulnerability has been detected in LigeroSmart up to 6.1.26. The affected element is an unknown function of t…

Medium

CVE-2026-1048

A weakness has been identified in LigeroSmart up to 6.1.26. Impacted is an unknown function of the file /otrs/index.pl?A…