CVE-2025-4417 – AVEVA PI Connector for CygNet Cross-Site Scripting (XSS)

June 12, 2025

CVE ID : CVE-2025-4417

Published : June 12, 2025, 8:15 p.m. | 1 hour, 46 minutes ago

Description : A cross-site scripting vulnerability exists in
AVEVA PI Connector for CygNet
Versions 1.6.14 and prior that, if exploited, could allow an
administrator miscreant with local access to the connector admin portal
to persist arbitrary JavaScript code that will be executed by other
users who visit affected pages.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-44019 – AVEVA PI Data Archive Denial of Service (DoS) Vulnerability

Next Article CVE-2025-48699 – Apache Unintended Exposure

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

These are the 5 Prime Day deals I’d buy if I weren’t about to have a baby

OpenAI’s $6.5 billion purchase fuels Sam Altman’s quest to build next-gen computers for “transcendentally good” AI — The biggest tech disruption since the iPhone?

Don’t miss out on the best ROG Ally accessory deals going on now — Improve your gaming handheld PC with a microSD card, power bank, dock, and more

Regolith – A JavaScript library immune to ReDoS attacks

Regolith – A JavaScript library immune to ReDoS attacks

Create Your Own Redux: Build a Custom State Management in React

Perficient Nagpur Celebrates Contentstack Implementation Certification Success!

This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

This discounted SSD fixed my gaming handheld’s biggest weakness — Extra storage space for Steam Deck, ASUS ROG Ally, and Lenovo Legion Go

These are the 5 Prime Day deals I’d buy if I weren’t about to have a baby

OpenAI’s $6.5 billion purchase fuels Sam Altman’s quest to build next-gen computers for “transcendentally good” AI — The biggest tech disruption since the iPhone?

CVE-2025-4417 – AVEVA PI Connector for CygNet Cross-Site Scripting (XSS)

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Beyond AEM: How Adobe Sensei Powers the Full Enterprise Experience

Xbox Game Pass gets Space Marine remaster, FBC: Firebreak, another Activision game, and more

CVE-2025-6330 – PHPGurukul Directory Management System SQL Injection Vulnerability

CISA Warns of Erlang/OTP SSH Server RCE Vulnerability Exploited in Attacks

Sick of AI slop on Pinterest? These two new features should help bring back real pins

The AI Mantra of All Time to Recite Now!

CVE-2025-6675 – Drupal Enterprise MFA – TFA Authentication Bypass

DavMail is a POP/IMAP/SMTP/Caldav/Carddav/LDAP exchange gateway

CVE-2025-4417 – AVEVA PI Connector for CygNet Cross-Site Scripting (XSS)

Related Posts