CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-6235

In ExtremeControl before 25.5.12, a cross-site scripting (XSS) vulnerability was discovered in a login interface of the affected application. The issue stems from improper handling of user-supplied input within HTML attributes, allowing an attacker to inject script code that may execute in a user's browser under specific interaction conditions. Successful exploitation could lead to exposure of user data or unauthorized actions within the browser context.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.1%

CVSS Severity

CVSS v3 Score 6.1

References

https://extreme-networks.my.site.com/ExtrArticleDetail?an=000128019

Products affected by CVE-2025-6235

Extremenetworks » Extremecontrol » Version: Any

cpe:2.3:a:extremenetworks:extremecontrol:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-6235

Products

Pricing

Contact Us