CVE-2019-25294
Severity CVSS v4.0:
MEDIUM
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
06/02/2026
Last modified:
06/02/2026
Description
html5_snmp 1.11 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through the 'Remark' parameter in add_router_operation.php. Attackers can craft a POST request with a script payload in the Remark field to execute arbitrary JavaScript in victim browsers when the page is loaded.
Impact
Base Score 4.0
5.10
Severity 4.0
MEDIUM
Base Score 3.x
6.40
Severity 3.x
MEDIUM