CVE-2025-4417 – AVEVA PI Connector for CygNet Cross-Site Scripting (XSS)

June 12, 2025

CVE ID : CVE-2025-4417

Published : June 12, 2025, 8:15 p.m. | 1 hour, 46 minutes ago

Description : A cross-site scripting vulnerability exists in
AVEVA PI Connector for CygNet
Versions 1.6.14 and prior that, if exploited, could allow an
administrator miscreant with local access to the connector admin portal
to persist arbitrary JavaScript code that will be executed by other
users who visit affected pages.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-44019 – AVEVA PI Data Archive Denial of Service (DoS) Vulnerability

Next Article CVE-2025-48699 – Apache Unintended Exposure

Highlights

CVE-2025-8818 – Linksys Wi-Fi Router OS Command Injection Vulnerability

August 10, 2025

CVE ID : CVE-2025-8818

Published : Aug. 10, 2025, 11:15 p.m. | 2 hours, 26 minutes ago

Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setDFSSetting of the file /goform/setLan. The manipulation of the argument lanNetmask/lanIp leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Distribution Release: Q4OS 6.1

Learning from PHP Log to File Example

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

Package efficiency and dependency hygiene

Dmitry — The Deep Magic

Dmitry — The Deep Magic

Right way to record and share our Terminal sessions

Windows 11 Powers Up WSL: How GPU Acceleration & Kernel Upgrades Change the Game

CVE-2025-4417 – AVEVA PI Connector for CygNet Cross-Site Scripting (XSS)

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Student Insider Threats Driving Surge in UK School Data Breaches, ICO Warns

A Brief Introduction to Ruby

Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China

Xbox confirms it has “no minimum order quantity” or print limits for physical games — but there are other considerations

CVE-2025-4227 – Palo Alto Networks GlobalProtect Unencrypted Packet Injection Vulnerability

CVE-2025-8818 – Linksys Wi-Fi Router OS Command Injection Vulnerability

Create a color contrast checker with HTML, CSS, and JavaScript

CVE-2025-50165 – Microsoft Graphics Component Remote Code Execution Vulnerability

CVE-2023-44753 – Student Management System Stored Cross-Site Scripting Vulnerability

CVE-2025-4417 – AVEVA PI Connector for CygNet Cross-Site Scripting (XSS)

Related Posts