Cross-Site Scripting Vulnerability in Broadcom DX NetOps Spectrum
CVE-2025-69268
5.3MEDIUM
What is CVE-2025-69268?
A Cross-Site Scripting (XSS) vulnerability exists in Broadcom DX NetOps Spectrum when improper neutralization of input occurs during web page generation. This vulnerability affects versions 24.3.8 and earlier on both Windows and Linux platforms, allowing attackers to perform reflected XSS attacks, potentially compromising user sessions or delivering malicious scripts to unsuspecting users. It is crucial for organizations using this software to review security practices and apply necessary mitigations to safeguard against these types of attacks.
Affected Version(s)
DX NetOps Spectrum Windows 24.3.8 and earlier
DX NetOps Spectrum Windows 24.3.9 and later
References
CVSS V4
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Jean-Michel Huguet and Jorge Escabias from NATO Cyber Security Centre