CVE-2025-43924 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController (for /fp/admin/settings/loginpage) and the…
Medium CVSS: 6.1

CVE-2025-43924

Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController (for /fp/admin/settings/loginpage) and the rootserviceurl parameter in FriendsController (for /fp/admin/settings/friends), entered by an admin, allow stored XSS.
Vendor
Unicomsi
Product
Focal Point
CWE
CWE-79
Yayın Tarihi
2025-06-03 15:15:58
Güncelleme
2025-06-09 18:04:54
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-79 Focal Point MEDIUM Unicomsi 2025

Referanslar

https://www.unicomsi.com/products/focal-point/ https://www.unicomsi.com/security-advisory/