CVE-2025-65480

HIGH

8.8

Beschreibung

An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution.

CVE Details

CVSS v3.1 Bewertung8.8

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienLOW

BenutzerinteraktionNONE

Veroffentlicht2/11/2026

Zuletzt geandert2/12/2026

Quellenvd

Honeypot-Sichtungen0

Schwachen (CWE)

CWE-78

Referenzen

http://pacom.com(cve@mitre.org)

https://github.com/derekyjj/vulnerability-research/tree/main/CVE-2025-65480(cve@mitre.org)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.