CVE 5.1 MEDIUM

NetVision Information|ISOinsight – Reflected Cross-site Scripting_CVE-2025-15355

December 30, 2025 invoker category_cve
5.1 / 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Description

ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

Basic Information

ID CVE-2025-15355
Source twcert
Published Dec 30, 2025 at 07:33

Affected Product

Vendor NetVision Information
Product ISOinsight
Version 2.9.0.*
Affected Versions NetVision Information ISOinsight 2.9.0.*
NetVision Information ISOinsight 3.0.0.*

CWE Classification

CWE-79

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.