Reflected Cross-Site Scripting Vulnerability in Kiwire Captive Portal
CVE-2025-11189
Currently unrated
What is CVE-2025-11189?
The Kiwire Captive Portal is susceptible to a reflected cross-site scripting vulnerability found within the login-url parameter. This flaw permits malicious actors to execute JavaScript code, potentially compromising user sessions and allowing unauthorized access to sensitive information. Users and administrators should take immediate action to patch this vulnerability to safeguard their applications from exploitation.
Affected Version(s)
Kiwire 3.6