How severe is CVE-2025-25612?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2025-25612?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2025-25612 - HIGH Severity | CVSS 7.1

Vulnerability Description

FS Inc S3150-8T2F prior to version S3150-8T2F_2.2.0D_135103 is vulnerable to Cross Site Scripting (XSS) in the Time Range Configuration functionality of the administration interface. An attacker can inject malicious JavaScript into the "Time Range Name" field, which is improperly sanitized. When this input is saved, it is later executed in the browser of any user accessing the affected page, including administrators, resulting in arbitrary script execution in the user's browser.

Related Vulnerabilities

CVE-2014-6447

HIGH

CVSS:7.1(High)

Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 1...

CWE-792014

CVE-2017-3557

HIGH

CVSS:7.1(High)

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6...

CWE-792017

CVE-2018-15633

HIGH

CVSS:7.1(High)

Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of ...

CWE-792018

CVE-2018-15634

HIGH

CVSS:7.1(High)

Cross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser...

CWE-792018

CVE-2018-15638

HIGH

CVSS:7.1(High)

Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a vict...

CWE-792018

CVE-2019-14863

HIGH

CVSS:7.1(High)

There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted d...

CWE-792019