VYPR
Medium severity5.4NVD Advisory· Published Mar 10, 2025· Updated Jun 17, 2026

CVE-2025-2150

CVE-2025-2150

Description

The C&Cm@il from HGiga has a Stored Cross-Site Scripting (XSS) vulnerability, allowing remote attackers with regular privileges to send emails containing malicious JavaScript code, which will be executed in the recipient's browser when they view the email.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Hgiga/C&Cm@illlm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.