XSS Vulnerability in Topkapi Spreadsheet View by Areal
CVE-2025-1434

6.1MEDIUM

Key Information:

Vendor: Areal Sas
Status: Topkapi Vision Webserv2
Vendor: CVE Published:; 11 March 2025

What is CVE-2025-1434?

Areal's Topkapi Spreadsheet view is susceptible to an XSS vulnerability that enables remote unauthorized attackers to manipulate and read limited values within the spreadsheet. Although this issue allows for potential exploitation, it does not compromise confidential information, system settings, or functionality of other spreadsheets. Users should remain vigilant and monitor updates to mitigate possible attacks.

Affected Version(s)

Topkapi Vision Webserv2 1.0.0 <= 6.2.5474

References

https://www.areal-topkapi.com/en/topkapi/security-bulletins

vendor-advisory

https://www.areal-topkapi.com/topkapi/bulletins-de-securite

vendor-advisory

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Feb 18, 2025

Areal Sas

What is CVE-2025-1434?

Affected Version(s)

References

CVSS V3.1

Timeline