CVE-2025-4648 – Centreon Web Reflected Cross-Site Scripting (XSS)

May 13, 2025

CVE ID : CVE-2025-4648

Published : May 13, 2025, 10:15 a.m. | 29 minutes ago

Description : Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS.
A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.
This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.

Severity: 8.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4647 – Centreon Web Cross-Site Scripting (XSS)

Next Article CVE-2025-40628 – DomainsPRO SQL Injection

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

How to install and use Ollama to run AI LLMs on your Windows 11 PC

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.13.2025)

How We Use Epic Branches. Without Breaking Our Flow.

I think the ergonomics of generators is growing on me.

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2025-4648 – Centreon Web Reflected Cross-Site Scripting (XSS)

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-47705 – Drupal IFrame Remove Filter Cross-Site Scripting (XSS)

Beyond the blue screen of death: Why software updates matter

The Best Node.js Observability Tools in 2025: N|Solid vs New Relic, Datadog, and More

CVE-2025-24206 – Apple Local Network Authentication Bypass

Summarize audio with LLMs in Node.js

6 reasons why I think Microsoft should keep the ‘local account’ option in Windows 11

8 Radiant Glow Effects Made with CSS and JavaScript

A Memorable Trip to Munnar with Team

CVE-2024-52887 – Shrew Soft VPN Bookmark Script Injection Vulnerability

CVE-2025-4648 – Centreon Web Reflected Cross-Site Scripting (XSS)

Related Posts