VYPR
Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Apr 8, 2025

CVE-2025-22466

CVE-2025-22466

Description

Reflected XSS in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to obtain admin privileges. User interaction is required.

Affected products

2
  • Ivanti/Endpoint Manager Mobilellm-fuzzy2 versions
    before 2024 SU1 or before 2022 SU7+ 1 more
    • (no CPE)range: before 2024 SU1 or before 2022 SU7
    • (no CPE)range: 2024 SU1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.