Vulnerabilities

CVE-2025-63243 - Pixeon WebLaudos Reflected Cross-Site Scripting (XSS) Vulnerability

2025-11-19 0 views admin

CVE ID : CVE-2025-63243 Published : Nov. 19, 2025, 3:15 p.m. | 34 minutes ago Description : A reflected cross-site scripting (XSS) vulnerability exists in the password change functionality of Pixeon WebLaudos 25.1 (01). The sle_sSenha parameter to the loginAlterarSenha.asp file. An attacker can craft a malicious URL that, when visited by a victim, causes arbitrary JavaScript code to be executed in the victim's browser within the security context of the vulnerable application. This issue could allow attackers to steal session cookies, disclose sensitive information, perform unauthorized actions on behalf of the user, or conduct phishing attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-63243

Published

Nov. 19, 2025

Impact: XSS

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-63243

CVE-2025-63243 - Pixeon WebLaudos Reflected Cross-Site Scripting (XSS) Vulnerability

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-64125 - Nuvation Energy nCloud Client-to-Client Communication

CVE-2025-64124 - Nuvation Energy Multi-Stack Controller OS Command Injection

CVE-2026-21484 - AnythingLLM Vulnerable to Username Enumeration w/ Password Recovery

CVE-2026-0571 - yeqifu warehouse AppFileUtils.java createResponseEntity path traversal

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting