What the vulnerability does
01Description
An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component.
CVSS base score
6.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Key dates
02Disclosure timeline
July 27, 2020
CVE published
September 16, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-69268 Spectrum reflected XSS
CVE-2025-67947 WordPress AdForest Elementor plugin <= 3.0.11 - Cross Site Scripting (XSS) vulnerability
CVE-2025-50006 WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-53420 WordPress WPLMS plugin <= 1.9.9.8 - Cross Site Scripting (XSS) vulnerability
CVE-2025-65956 Formwork CMS Has a Stored Cross-Site Scripting (XSS) Vulnerability in Blog Tags
