Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Mar 25, 2026
Ericsson Indoor Connect 8855 - Improper Neutralization of Input During Web Page Generation Vulnerability
CVE-2025-40842
Description
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to unauthorized disclosure and modification of certain information.
Affected products
2<2025.Q3+ 1 more
- (no CPE)range: <2025.Q3
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.