CVE Details
Basic Information
| Title | CVE-2025-3894 |
|---|---|
| Type | cve |
| Published | 2025-05-23T11:15:32 |
| Last Seen | 2025-05-23T12:26:04 |
CVSS Information
| Base Score | 0.0 () |
|---|---|
| Attack Vector | |
| Attack Complexity | |
| Privileges Required | |
| User Interaction | |
| Scope | |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | The vulnerability is a stored cross-site scripting (XSS) issue in the text editor embedded into MegaBIP software. It allows attackers to inject malicious scripts that can be executed by other users with high privileges, potentially leading to unauthorized actions or data theft. |
|---|---|
| AI Severity | Medium |
| Vendor | MegaBIP |
| Product | MegaBIP |
| Affected Version |
Additional Information
| CVE List | CVE-2025-3894 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Text editor embedded into MegaBIP software does not neutralize user input allowing Stored XSS attacks on other users. In order to use the editor high privileges are…
CVSS Score Summary
Base Score: %!f(string=#) ()