Cross Site Scripting Vulnerability in AutoConnect Arduino Library
CVE-2025-50740
6.1MEDIUM
What is CVE-2025-50740?
The AutoConnect library version 1.4.2 for Arduino presents a cross site scripting (XSS) vulnerability through its web interface. This issue occurs when a crafted network SSID allows attackers to embed malicious HTML or JavaScript code, potentially leading to the execution of unintended scripts on users' devices. Such vulnerabilities can compromise user data and pose significant security risks, underscoring the need for timely updates and security measures.