What is CVE-2025-14722 — XSS in vion707 DMadmin?

CVE-2025-14722 is a cross-site scripting (XSS) vulnerability in vion707 DMadmin versions up to 3403cafdb42537a648c30bf8cbc8148ec60437d1, allowing attackers to inject malicious scripts.

Am I affected by CVE-2025-14722 in vion707 DMadmin?

You are affected if you are using vion707 DMadmin versions prior to 3403.0.1. Check your version and upgrade if necessary.

How do I fix CVE-2025-14722 in vion707 DMadmin?

Upgrade to version 3403.0.1 or later. As a temporary workaround, implement input validation and output encoding.

Is CVE-2025-14722 being actively exploited?

While there's no confirmed active exploitation, the vulnerability is publicly disclosed, increasing the risk of exploitation.

Where can I find the official vion707 advisory for CVE-2025-14722?

Due to the vendor's lack of response, an official advisory may not be available. Monitor security news sources for updates.

CVE-2025-14722 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2025-14722 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• php: Examine the Admin/Controller/AddonsController.class.php file for any unusual or unexpected code.

grep -r 'eval(' /path/to/DMadmin/Admin/Controller/

• generic web: Monitor access logs for suspicious requests targeting the Add function with unusual parameters.

grep 'Admin/Controller/AddonsController.class.php' /var/log/apache2/access.log

• generic web: Check response headers for signs of script injection.

curl -I <DMadmin_URL>/Admin/Controller/AddonsController.class.php | grep Content-Type

vion707 DMadmin Backend AddonsController.class.php add cross site scripting

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigirtraduzindo…

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2025-14722 — XSS in vion707 DMadmin?

Am I affected by CVE-2025-14722 in vion707 DMadmin?

How do I fix CVE-2025-14722 in vion707 DMadmin?

Is CVE-2025-14722 being actively exploited?

Where can I find the official vion707 advisory for CVE-2025-14722?

Seu projeto está afetado?