iCONTROL+ Server

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-52358	Vivaldi United Group iCONTROL+ Server		0.00	—	0.00		Jul 29, 2025	A cross-site scripting vulnerability in Vivaldi United Group iCONTROL+ Server including Firmware version 4.7.8.0.eden Logic version 5.32 and below. This issue allows attackers to inject JavaScript payloads within the error or edit-menu-item parameters which are then executed in the victim's browser session.

CVE-2025-52358Jul 29, 2025
Vivaldi United Group
iCONTROL+ Server
risk 0.00cvss —epss 0.00
A cross-site scripting vulnerability in Vivaldi United Group iCONTROL+ Server including Firmware version 4.7.8.0.eden Logic version 5.32 and below. This issue allows attackers to inject JavaScript payloads within the error or edit-menu-item parameters which are then executed in the victim's browser session.