VYPR
Low severity · NVD Advisory · Published Apr 21, 2025 · Updated Apr 15, 2026

CVE-2025-3840

Description

An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA-based connect installer component, which is deployed for installation purposes in a customer network. This EOL component was deprecated in September 2023, with end of support extended until January 2024. An actor can manipulate the action parameter of the login form to inject malicious scripts, which would lead to an XSS attack under certain conditions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An XSS vulnerability in the end-of-life Saviynt OVA connect installer allows script injection via the login form action parameter.

An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA-based connect installer component used for installation purposes in customer networks [1]. The vulnerability lies in the login form, where an attacker can manipulate the action parameter to inject malicious scripts, leading to a cross-site scripting (XSS) attack under certain conditions [1].

To exploit this vulnerability, an attacker would need to craft a malicious action parameter in the login form URL. The attack requires some user interaction or specific conditions to trigger the injected script, as stated in the description [1].

Successful exploitation could allow an attacker to execute arbitrary script code in the context of the affected login page, potentially leading to session hijacking, credential theft, or other client-side attacks [1].

This component has been End of Life (EOL) since September 2023, with support extended until January 2024 [1]. Saviynt advises customers to ensure they are no longer using this deprecated component and have migrated to supported versions. No further patches will be provided for this EOL component [1].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Patches

0

No patches discovered yet.

References

1
