Vulnerability Details CVE-2025-61949
LogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If crafted user information is stored, an arbitrary script may be executed on the web browser of the user who logs in to the product's management page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.0%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-61949
-
cpe:2.3:a:secuavail:logstare_collector:1.5.1
-
cpe:2.3:a:secuavail:logstare_collector:1.5.2
-
cpe:2.3:a:secuavail:logstare_collector:1.6.0
-
cpe:2.3:a:secuavail:logstare_collector:1.6.1
-
cpe:2.3:a:secuavail:logstare_collector:1.7.0
-
cpe:2.3:a:secuavail:logstare_collector:1.7.1
-
cpe:2.3:a:secuavail:logstare_collector:1.8.0
-
cpe:2.3:a:secuavail:logstare_collector:1.8.1
-
cpe:2.3:a:secuavail:logstare_collector:1.9.0
-
cpe:2.3:a:secuavail:logstare_collector:1.9.1
-
cpe:2.3:a:secuavail:logstare_collector:1.9.2
-
cpe:2.3:a:secuavail:logstare_collector:2.0.0
-
cpe:2.3:a:secuavail:logstare_collector:2.0.1
-
cpe:2.3:a:secuavail:logstare_collector:2.1.0
-
cpe:2.3:a:secuavail:logstare_collector:2.1.1
-
cpe:2.3:a:secuavail:logstare_collector:2.1.2
-
cpe:2.3:a:secuavail:logstare_collector:2.1.3
-
cpe:2.3:a:secuavail:logstare_collector:2.2.0
-
cpe:2.3:a:secuavail:logstare_collector:2.2.1
-
cpe:2.3:a:secuavail:logstare_collector:2.3.0
-
cpe:2.3:a:secuavail:logstare_collector:2.3.1
-
cpe:2.3:a:secuavail:logstare_collector:2.3.2
-
cpe:2.3:a:secuavail:logstare_collector:2.3.3
-
cpe:2.3:a:secuavail:logstare_collector:2.3.4
-
cpe:2.3:a:secuavail:logstare_collector:2.3.5
-
cpe:2.3:a:secuavail:logstare_collector:2.3.6
-
cpe:2.3:a:secuavail:logstare_collector:2.3.7
-
cpe:2.3:a:secuavail:logstare_collector:2.3.8
-
cpe:2.3:a:secuavail:logstare_collector:2.3.9
-
cpe:2.3:a:secuavail:logstare_collector:2.4.0
-
cpe:2.3:a:secuavail:logstare_collector:2.4.1
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-