CVE-2025-13650 in ZeusWebالمعلومات

الملخص

بحسب MITRE • 11/02/2026

An attacker with access to the web application ZeusWeb of the provider Microcom (in this case, registration is not necessary, but the action must be performed) who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Create Account’ operation at the URL: https://zeus.microcom.es:4040/index.html?zeus6=true . This issue affects ZeusWeb: 6.1.31.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

HackRTU

حجز

25/11/2025

إفشاء

11/02/2026

الاعتدال

تمت الموافقة

إدخال

VDB-345448

CPE

جاهز

CWE

CWE-79 (مؤكد)

CVSS

6.1 (NVD)

EPSS

0.00013

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-13650
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-13650
CVE Details	https://www.cvedetails.com/cve/CVE-2025-13650/

التالي ▸نظرة عامة ◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!