CVE-2025-1484 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-1484 PUBLISHED CVSS 6.300000190734863 MEDIUM

A vulnerability exists in the media upload component of the Asset Suite versions listed below. If successfully exploited an attacker could impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will cause JavaScript code supplied by the attacker to execute within the user’s browser in the context of that user’s session with the application.

EPSS 0.06% · 18.4th percentile

Risk Scores

CVSS v4.0

6.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N

EPSS Score

0.06%

18.4th percentile

Affected Products

Vendor	Product	Versions
Hitachi Energy	Asset Suite	9.6.4.4, 9.6.4.5

Timeline

Feb 19, 2025 CVE ID Reserved
May 30, 2025 Coalition ESS Score
May 30, 2025 CVE Published
May 30, 2025 PoC Published
May 30, 2025 CVE Updated
May 31, 2025 EPSS Score
Jun 10, 2025 EPSS Score
Jun 21, 2025 EPSS Score
Jul 1, 2025 EPSS Score
Jul 11, 2025 EPSS Score
Jul 15, 2025 PoC Published
Jul 21, 2025 EPSS Score

References

Open in Interactive Console →