Home

Description

Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice (Extension:CognitiveProcessDesigner) allows Cross-Site Scripting (XSS).This issue affects BlueSpice: from 5 through 5.1.1.

PUBLISHED Reserved 2025-09-18 | Published 2025-09-19 | Updated 2025-09-19 | Assigner HW




MEDIUM: 5.9CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-20 Improper Input Validation

Product status

Default status
affected

5 (semver)
affected

References

en.wiki.bluespice.com/...ty:Security_Advisories/BSSA-2025-05

cve.org (CVE-2025-58114)

nvd.nist.gov (CVE-2025-58114)

Download JSON