CVE-2025-40842
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a
Cross-Site Scripting (XSS) vulnerability which, if ex
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to unauthorized disclosure and modification of certain information.
MEDIUM · CVSS 6.1
EPSS 0.00035
Schedule remediation
- SSVC automatable: yes - attacks can be scripted at scale
Sigma rules0
YARA rules0