CVE-2025-1484: A vulnerability exists in the media upload component of the Asset Suite versions listed below. If successfully exploited an attacker could impact...
Description
A vulnerability exists in the media upload component of the Asset
Suite versions listed below. If successfully exploited an attacker
could impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will
cause JavaScript code supplied by the attacker to execute within
the user’s browser in the context of that user’s session with the
application.
Classification
CVE ID: CVE-2025-1484
CVSS Base Severity: MEDIUM
CVSS Base Score: 6.3
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N
Problem Types
CWE-184Affected Products
Vendor: Hitachi Energy
Product: Asset Suite
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.06% (probability of being exploited)
EPSS Percentile: 17.85% (scored less or equal to compared to others)
EPSS Date: 2025-06-16 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-1484https://publisher.hitachienergy.com/preview?DocumentID=8DBD000212&LanguageCode=en&DocumentPartId=&Action=Launch