CVE-2025-4648 – Centreon Web Reflected Cross-Site Scripting (XSS)

May 13, 2025

CVE ID : CVE-2025-4648

Published : May 13, 2025, 10:15 a.m. | 29 minutes ago

Description : Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS.
A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request.
This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.

Severity: 8.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4647 – Centreon Web Cross-Site Scripting (XSS)

Next Article CVE-2025-40628 – DomainsPRO SQL Injection

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

How to install and use Ollama to run AI LLMs on your Windows 11 PC

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.13.2025)

How We Use Epic Branches. Without Breaking Our Flow.

I think the ergonomics of generators is growing on me.

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2025-4648 – Centreon Web Reflected Cross-Site Scripting (XSS)

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-24022 – iTop Server Code Execution Vulnerability

There is any play/App store app available that only give the performance of specified of app?

I’ve been testing one of the best value 4K OLED gaming monitors, and it’s awesome — but watch out for tariffs

Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms

Il sondaggio della community Reddit di Arch Linux svela le tendenze ed i trend degli utenti GNU/Linux

MVP vs. MVE: Choosing the Right Path for Digital Product Success

CVE-2025-3960 – Withstars Books-Management-System Background Interface Missing Authorization Remote Vulnerability

Rilasciato Fastfetch 2.41: Tutte le novità del tool per mostrare le informazioni dei sistemi GNU/Linux

The best laptops for video editing in 2024: Expert tested and reviewed

CVE-2025-4648 – Centreon Web Reflected Cross-Site Scripting (XSS)

Related Posts