CVE-2025-43486

A potential stored cross-site scripting vulnerability has been
identified in the Poly Clariti Manager for versions prior to 10.12.1. The
website allows user input to be stored and rendered without proper
sanitization. HP has addressed the issue in the latest software update.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
hpCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://support.hp.com/us-en/document/ish_12781425-12781447-16/hbsbpy04037