CVE-2025-43952 – Mettler Toledo FreeWeight.Net Web Reports Viewer Cross-Site Scripting (XSS)

April 22, 2025

CVE ID : CVE-2025-43952

Published : April 22, 2025, 6:16 p.m. | 31 minutes ago

Description : A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net Web Reports Viewer 8.4.0 (440). It allows an attacker to inject malicious scripts via the IW_SessionID_ parameter.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43951 – LabVantage Local File Inclusion Vulnerability

Next Article CVE-2025-43950 – “Microsoft DPMAdirektPro DLL Hijacking Privilege Escalation Vulnerability”

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2025-43952 – Mettler Toledo FreeWeight.Net Web Reports Viewer Cross-Site Scripting (XSS)

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

I tested a TCL smart lock, and its palm vein recognition feature blew me away

CVE-2025-35471 – Conda Forge OpenSSL-Feedstock Local Privilege Escalation

CVE-2025-48927 – Apache TeleMessage Spring Boot Actuator Heap Dump Exposed Endpoint Vulnerability

Managing Encrypted Environment Variables In Laravel With Veil

Windows 11 KB5062660 24H2 out with features, direct download links for offline installer (.msu)

CVE-2025-4442 – D-Link DIR-605L Remote Buffer Overflow Vulnerability

Yandex Releases Alchemist: A Compact Supervised Fine-Tuning Dataset for Enhancing Text-to-Image T2I Model Quality

CVE-2025-4542 – Freeebird Hotel Cross-Domain Policy Vulnerability

CVE-2025-43952 – Mettler Toledo FreeWeight.Net Web Reports Viewer Cross-Site Scripting (XSS)

Related Posts