How severe is CVE-2025-4648?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.4 out of 10.

What type of vulnerability is CVE-2025-4648?

This is classified as CWE-494, which is a common weakness in software security.

CVE-2025-4648 - HIGH Severity | CVSS 8.4

Vulnerability Description

Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS. A user with elevated privileges can inject XSS by altering the content of a SVG media during the submit request. This issue affects web: from 24.10.0 before 24.10.5, from 24.04.0 before 24.04.11, from 23.10.0 before 23.10.22, from 23.04.0 before 23.04.27, from 22.10.0 before 22.10.29.

Related Vulnerabilities

CVE-2019-7229

HIGH

CVSS:8.3(High)

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB...

CWE-4942019

CVE-2020-1200

HIGH

CVSS:8.6(High)

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnera...

CWE-4942020

CVE-2020-1452

HIGH

CVSS:8.6(High)

CWE-4942020

CVE-2020-1453

HIGH

CVSS:8.6(High)

CWE-4942020

CVE-2024-52583

HIGH

CVSS:8.2(High)

The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page `schedule.html` before 17 November 2024 or commit 93dfb83 c...

CWE-4942024

CVE-2019-3801

HIGH

CVSS:8.7(High)

Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an insecure protocol to fetch dependencies when building. A remote unauthenticated malicious attacker could...

CWE-4942019