CVE-2025-43484 MEDIUM

CVE-2025-43484: Poly Clariti Manager - Multiple Security Vulnerabilities

Vendor Hp Inc.
Product Poly Clariti Manager
Weakness CWE-79 · XSS
Published July 22, 2025
Last update July 23, 2025

CVSS base score

6.0/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N

What the vulnerability does

01Description

A potential reflected cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website does not validate or sanitize the user input before rendering it in the response. HP has addressed the issue in the latest software update.

Key dates

02Disclosure timeline

July 22, 2025 CVE published
July 23, 2025 Record updated