Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Apr 8, 2025
CVE-2025-22465
CVE-2025-22465
Description
Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to execute arbitrary javascript in a victim's browser. Unlikely user interaction is required.
Affected products
2<2024 SU1 or <2022 SU7+ 1 more
- (no CPE)range: <2024 SU1 or <2022 SU7
- (no CPE)range: 2024 SU1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.