CVE-2025-43486

Medium CVSS: 5.7

A potential stored cross-site scripting vulnerability has been
identified in the Poly Clariti Manager for versions prior to 10.12.1. The
website allows user input to be stored and rendered without proper
sanitization. HP has addressed the issue in the latest software update.

Vendor

Product

Poly Clariti Manager

CWE

CWE-79

Yayın Tarihi

2025-07-23 00:15:25

Güncelleme

2025-10-02 17:42:50

Source Identifier

hp-security-alert@hp.com

KEV Date Added

Kategoriler

CWE-79 Poly Clariti Manager MEDIUM Hp 2025

Referanslar

https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037

Benzer Kayıtlar

Medium

CVE-2026-2915

HP System Event Utility might allow denial of service with elevated arbitrary file writes. This potential vulnerability…

Medium

CVE-2026-1996

Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled,…

Medium

CVE-2026-1997

Certain HP OfficeJet Pro printers may expose information if Cross‑Origin Resource Sharing (CORS) is misconfigured, poten…

High

CVE-2025-14432

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC…

Medium

CVE-2025-11531

HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of their restricted paths. T…

Medium

CVE-2025-13492

A potential security vulnerability has been identified in HP Image Assistant for versions prior to 5.3.3. The vulnerabil…