VYPR
Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Apr 8, 2025

CVE-2025-22465

CVE-2025-22465

Description

Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to execute arbitrary javascript in a victim's browser. Unlikely user interaction is required.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.