Unrated severityNVD Advisory· Published Dec 12, 2025· Updated Jan 6, 2026
SolarEdge Monitoring Platform contains a XSS upon report deletion
CVE-2025-36746
Description
SolarEdge monitoring platform contains a Cross‑Site Scripting (XSS) flaw that allows an authenticated user to inject payloads into report names, which may execute in a victim’s browser during a deletion attempt.
Affected products
2- SolarEdge/SolarEdge Monitoring platform (SaaS)v5Range: unkown
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- csirt.divd.nl/CVE-2025-36746mitrethird-party-advisory
- csirt.divd.nl/DIVD-2025-00022/mitrethird-party-advisory
News mentions
0No linked articles in our index yet.