Primary

Context

Ericsson Network Manager Cross-Site Scripting Vulnerability Allowing Data Exfiltration or Redirection

Vulnerability

Patched

A cross-site scripting vulnerability has been identified in Ericsson Network Manager (ENM) versions prior to 25.2 GA. This vulnerability can be exploited to exfiltrate limited data or redirect victims to other sites or domains.

Impact

Exploitation of this vulnerability could lead to cross-site scripting, allowing for the exfiltration of data or redirection of users to malicious sites.

Remediation

Users are advised to upgrade to Ericsson Network Manager version 25.2 or later.

Added: Oct 13, 2025, 7:18 AM

Updated: Oct 13, 2025, 7:18 AM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.3

exploitability

4.6

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.3

exploitability

4.6

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ericsson Network Manager Cross-Site Scripting Vulnerability Allowing Data Exfiltration or Redirection

Vulnerability

Impact

Remediation

Affected Products

Ericsson Network Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating