CVE-2025-69275 | THREATINT

Description

Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier.

PUBLISHED Reserved 2025-12-31 | Published 2026-01-12 | Updated 2026-01-12 | Assigner ca

HIGH: 7.1CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N

Problem types

CWE-1395 Dependency on Vulnerable Third-Party Component

Product status

Default status

unaffected

24.3.9 and earlier (custom)

affected

24.3.10 and later (custom)

unaffected

Credits

Jean-Michel Huguet and Jorge Escabias from NATO Cyber Security Centre finder

References

support.broadcom.com/...l/content/SecurityAdvisories/0/36756 vendor-advisory

cve.org (CVE-2025-69275)

nvd.nist.gov (CVE-2025-69275)

Download JSON