Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-dsza-jyqs-47cq

Summary A stored cross-site scripting vulnerability exists in FS model S3150-8T2F switches running firmware s3150-8t2f-switch-fsos-220d_118101 and web firmware v2.2.2, which allows an authenticated web interface user to bypass input filtering on user names, and stores un-sanitized HTML and Javascript on the device. Pages which then present the user name without encoding special characters will then cause the injected code to be parsed by the browsers of other users accessing the web interface.

Aliases

alias	CVE-2025-25625

Fixed_packages

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-25625

reference_id

reference_type

scores

value	0.00046
scoring_system	epss
scoring_elements	0.14495
published_at	2026-06-11T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.14614
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-25625

reference_url

https://github.com/whitewhale-dmb/Vulnerability-Research/tree/main/CVE-2025-25625

reference_id

CVE-2025-25625

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T18:32:09Z/

url

https://github.com/whitewhale-dmb/Vulnerability-Research/tree/main/CVE-2025-25625

Weaknesses

Exploits

Severity_range_score 5.4 - 5.4

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dsza-jyqs-47cq

Vulnerability Instance