CVE-2025-61078

Medium CVSS: 6.1

Cross-site scripting (XSS) vulnerability in Request IP form in phpIPAM v1.7.3 allows remote attackers to inject arbitrary web script or HTML via the instructions parameter for the /app/admin/instructions/edit-result.php endpoint.

Vendor

Phpipam

Product

Phpipam

CWE

CWE-79

Yayın Tarihi

2025-12-09 18:15:55

Güncelleme

2025-12-12 12:26:38

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Phpipam MEDIUM Phpipam 2025

Referanslar

http://phpipam.com https://glitch0ne.com/2025/12/05/cve-2025-61078-cross-site-scripting-xss-vulnerability-in-request-ip-form-in-phpipam-v1-7-3/

Benzer Kayıtlar

Low

CVE-2025-60912

phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the database export functionality. The gene…

Medium

CVE-2024-55093

phpIPAM through 1.7.3 has a reflected Cross-Site Scripting (XSS) vulnerability in the install scripts.

Medium

CVE-2024-10721

A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability al…

Medium

CVE-2024-10722

A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability allows atta…

Medium

CVE-2024-10723

A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability al…

Medium

CVE-2024-10724

A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2, specifically in the Subnet NA…