CVE-2025-61198
MEDIUMOptimod 5950 5950HD 5750 5750HD Trio 1.0.0.33 System 2.5.26 - Stored Cross-Site Scripting in Log Renderer
Title source: llmDescription
A stored cross-site scripting (XSS) vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.
References (2)
Core 2
Core References
Various Sources
https://www.orban.com/
Scores
CVSS v3
5.4
EPSS
0.0023
EPSS Percentile
14.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Published
Oct 06, 2025
Tracked Since
Feb 18, 2026