High
CVSS 7.4
Overview
A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content.
CVE-2025-6248
A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser th...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 7.4 (HIGH)
- Detected tags: xss (tag impact: MODERATE)
Recommended actions:
- Apply context-aware output encoding.
- Enable Content-Security-Policy and HttpOnly/SameSite cookies.