Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-40726

Reflected Cross-Site Scripting (XSS) vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via the q GET request parameter.

Published

2025-06-16T09:15:19.427

Last Modified

2025-06-16T12:32:18.840

Status

Awaiting Analysis

Source

[email protected]

Severity

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

References

https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-xss-reflected-nosto ([email protected])