CVE-2025-43924 – Unicom Focal Point Stored Cross Site Scripting Vulnerability

June 3, 2025

CVE ID : CVE-2025-43924

Published : June 3, 2025, 3:15 p.m. | 17 minutes ago

Description : Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController (for /fp/admin/settings/loginpage) and the rootserviceurl parameter in FriendsController (for /fp/admin/settings/friends), entered by an admin, allow stored XSS.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43925 – Unicom Focal Point Data Encryption Key Hardcoded Vulnerability

Next Article CVE-2025-43923 – Unicom Focal Point SQL Injection Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

Multiple reports suggest a Persona 4 Remake from Atlus will be announced during the Xbox Games Showcase

TC39 advances numerous proposals at latest meeting

TC39 advances numerous proposals at latest meeting

TypeBridge – zero ceremony, compile time rpc for client and server com

Simplify Cloud-Native Development with Quarkus Extensions

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

CVE-2025-43924 – Unicom Focal Point Stored Cross Site Scripting Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

Critical Fortinet flaws now exploited in Qilin ransomware attacks

Rilasciata Tails 6.15: Novità e Aggiornamenti della Distribuzione GNU/Linux per la Privacy

DistroWatch Weekly, Issue 1112

Why NHIs Are Security’s Most Dangerous Blind Spot

CVE-2025-22157 – Atlassian Jira Privilege Escalation Vulnerability

The best Hisense TVs: Expert Tested and reviewed

How To Generate a GUID/UUID in JavaScript

AMD’s RTX 5060 Ti competitor is rumored to launch in a couple of months with 8GB and 16GB models

How to Build Dependent Dropdowns in React

CVE-2025-43924 – Unicom Focal Point Stored Cross Site Scripting Vulnerability

Related Posts