CVE-2025-22272

LOW

CyberArk Endpoint Privilege Manager <24.7.1 - Code Injection

Title source: llm
STIX 2.1

Description

In the "/EPMUI/ModalDlgHandler.ashx?value=showReadonlyDlg" endpoint, it is possible to inject code in the "modalDlgMsgInternal" parameter via POST, which is then executed in the browser. The risk of exploiting vulnerability is reduced due to the required additional bypassing the Content-Security-Policy policy This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown. After multiple attempts to contact the vendor we did not receive any answer.

References (3)

Core 3
Core References
Various Sources third-party-advisory
https://cert.pl/en/posts/2025/02/CVE-2025-22270/
Various Sources third-party-advisory
https://cert.pl/posts/2025/02/CVE-2025-22270/

Scores

CVSS v4 2.1
EPSS 0.0043
EPSS Percentile 34.4%
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
CyberArk/Endpoint Privilege Manager 24.7.1
Published Feb 28, 2025
Tracked Since Feb 18, 2026