Unrated severityNVD Advisory· Published Jul 29, 2025· Updated Jul 29, 2025
CVE-2025-52358
CVE-2025-52358
Description
A cross-site scripting vulnerability in Vivaldi United Group iCONTROL+ Server including Firmware version 4.7.8.0.eden Logic version 5.32 and below. This issue allows attackers to inject JavaScript payloads within the error or edit-menu-item parameters which are then executed in the victim's browser session.
Affected products
2- Vivaldi United Group/iCONTROL+ Serverdescription
- Range: <=5.32
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.