CVE-2025-63211
EUVD-2025-19817719.11.2025, 19:15
Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5.0-10, allows attackers to execute arbitrary code via the addName parameter to the /vbc/core/userSetupDoc/userSetupDoc endpoint.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| bridgetech | vbc_server | 6.5.0-9 |
| bridgetech | vbc_server | 6.5.0-10 |
𝑥
= Vulnerable software versions
References