CVE-2025-0787

CVSS 2.0 Score 4 of 10 (medium)

Details

Published Jan 28, 2025

Updated: Jan 29, 2025

CWE ID 94

CWE ID 79

Summary

CVE-2025-0787 is a newly disclosed vulnerability affecting ESAFENET CDG V5. This issue lies within an unidentified function of the file /appDetail.jsp and allows for cross-site scripting (XSS) attacks. The manipulation of the curpage argument can be exploited remotely, making the risk significant. Unfortunately, the vulnerability has been made public, and potential attackers may already be utilizing this exploit. Despite early notification to the vendor, they have yet to respond or provide a patch.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/23n6md
https://www.cve.org/CVERecord?id=CVE-2025-0787
https://nvd.nist.gov/vuln/detail/CVE-2025-0787

Back to Vulnerability Database

CVE-2025-0787

CVSS 2.0 Score 4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations