CVE-2025-34263 | Advantech WISE-DeviceOn Server up to 5.3 Configuration Data menus label/path cross site scripting

A vulnerability described as problematic has been identified in Advantech WISE-DeviceOn Server up to 5.3. Impacted is an unknown function of the file /rmm/v1/plugin-config/dashboards/menus of the component Configuration Data Handler. Executing manipulation of the argument label/path can lead to cross site scripting.

This vulnerability is registered as CVE-2025-34263. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More