CVE-2025-43488

Low CVSS 2.0

Overview

A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could allow a bypass of the application's XSS filter by submitting untrusted characters. HP has addressed the issue in the latest software update.

CWE: CWE-79 Published: 2025-07-23T00:15:25.477

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 2.0 (LOW)
Detected tags: xss (tag impact: MODERATE)

Recommended actions:

Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Overview

Recommended tools

Tags