CVE-2025-40769

High CVSS 7.4

Overview

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content Security Policy that allows unsafe script execution methods. This could allow an attacker to execute unauthorized scripts, potentially leading to cross-site scripting attacks.

CWE: CWE-1164 Published: 2025-08-12T12:15:37.893

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.4 (HIGH)
Detected tags: xss (tag impact: MODERATE)

Recommended actions:

Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Overview

Recommended tools

Tags