CVE-2025-34266 | Advantech WISE-DeviceOn Server up to 5.3 menus label/path cross site scripting

A vulnerability classified as problematic has been found in Advantech WISE-DeviceOn Server up to 5.3. The affected element is an unknown function of the file /rmm/v1/plugin-config/addins/menus. The manipulation of the argument label/path leads to cross site scripting.

This vulnerability is documented as CVE-2025-34266. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More