CVE-2025-0790: ESAFENET CDG doneDetail.jsp cross site scripting
First published: Tue Jan 28 2025(Updated: )
A vulnerability classified as problematic was found in ESAFENET CDG V5. This vulnerability affects unknown code of the file /doneDetail.jsp. The manipulation of the argument curpage leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Gemalto SafeNet CDG |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-0790?
CVE-2025-0790 is classified as a problematic vulnerability that poses a risk due to cross-site scripting.
How do I fix CVE-2025-0790?
To mitigate CVE-2025-0790, implement input validation and encoding for the 'curpage' argument in the /doneDetail.jsp file.
What software is affected by CVE-2025-0790?
CVE-2025-0790 affects the ESAFENET CDG V5 software.
Can CVE-2025-0790 be exploited remotely?
Yes, CVE-2025-0790 can be exploited remotely through manipulation of the 'curpage' argument.
What type of attack is associated with CVE-2025-0790?
CVE-2025-0790 is associated with a cross-site scripting (XSS) attack.
- agent/weakness
- agent/title
- agent/references
- agent/first-publish-date
- agent/type
- agent/description
- agent/softwarecombine
- agent/severity
- agent/author
- agent/source
- agent/tags
- agent/event
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/esafenet
- canonical/gemalto safenet cdg