Cross-Site Scripting Vulnerability in Netwrix Directory Manager
CVE-2025-47189

6.1MEDIUM

Key Information:

Vendor: Netwrix
Status: Netwrix Directory Manager
Vendor: CVE Published:; 17 July 2025

What is CVE-2025-47189?

The Netwrix Directory Manager is susceptible to a Cross-Site Scripting (XSS) vulnerability through May 1, 2025. This flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially compromising user data and session integrity. It highlights the need for vigilant security measures from both administrators and users to mitigate risks associated with XSS attacks.

References

https://netwrix.com

https://community.netwrix.com/t/adv-2025-015-critical-vul...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2025
Vulnerability Reserved
May 2, 2025