Security Advisory - IXSA-20250310-02
| Advisory ID |
IXSA-20250310-02 |
| Version |
1.0 |
| Last updated |
10.03.2025 |
| Published |
10.03.2025 |
| Status |
Resolved |
| CVEs |
CVE-2025-30092 |
| Summary |
Cross-Site-Scripting Vulnerability in multiple Velocity-Scripts. |
| Type/Severity |
High |
| Description |
In Intrexx Portal Server multiple Velocity-Scripts are susceptible to the execution of not requested Java Script code in HTML ("Cross-Site-Scripting"). |
| Solution |
Please install Intrexx version 12.0.3 or 11.9.3. |
| Affected Products |
- Intrexx Portal Server <= 12.0.2
- Intrexx Portal Server <= 11.9.2
|
| Fixes |
- Intrexx Version 12.0.3 (12.0.3.20250224), Released on 24.02.2025
- Intrexx Version 11.9.3 (11.9.3.20250220), Released on 24.02.2025
|
| References |
|