CVE-2025-53519 MEDIUM

CVE-2025-53519: Advantech iView Cross-site Scripting

Vendor Advantech

Product iView

Weakness CWE-79 · XSS

Published July 10, 2025

Last update July 11, 2025

View on NVD All CVEs

CVSS base score

5.4/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other malicious activities.

Key dates

02Disclosure timeline

July 10, 2025 CVE published

July 11, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-53519

Related vulnerabilities

CVE-2025-53519: Advantech iView Cross-site Scripting

01Description

02Disclosure timeline

03References

04Related CVE