Cross-Site Scripting Vulnerability in Netwrix Directory Manager by Netwrix
CVE-2025-54392

Currently unrated

Key Information:

Vendor

Netwrix

Status
Netwrix Directory Manager
Vendor
CVE Published:
7 August 2025

What is CVE-2025-54392?

The Netwrix Directory Manager, formerly known as Imanami GroupID, has an identified vulnerability that permits Cross-Site Scripting (XSS) attacks related to authentication error messages. Versions 11.0.0.0 and earlier are susceptible, posing a risk of malicious exploitation. Users are advised to upgrade to version 11.1.25162.02 or later to mitigate this issue and enhance their security posture.

References

https://community.netwrix.com/t/adv-2025-015-critical-vul...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-54392 : Cross-Site Scripting Vulnerability in Netwrix Directory Manager by Netwrix