CVE-2025-1484NVD

Vulnerability Summary

A vulnerability exists in the media upload component of the Asset
Suite versions listed below. If successfully exploited an attacker
could impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will
cause JavaScript code supplied by the attacker to execute within
the user’s browser in the context of that user’s session with the
application.

Severity Level

MEDIUM(6.3)

Published Date

May 30, 2025

Last Modified

May 30, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-184: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredLow

External References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000212&LanguageCode=en&DocumentPartId=&Action=Launch

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2025-1484NVD

Vulnerability Summary

External References