CVE-2025-6512
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
23/06/2025
Last modified:
23/06/2025
Description
On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights.
Impact
Base Score 3.x
10.00
Severity 3.x
CRITICAL