CVE-2019-25323

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.1 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N                                    

Vulnerability Description

Heatmiser Netmonitor v3.03 contains an HTML injection vulnerability in the outputSetup.htm page that allows attackers to inject malicious HTML code through the outputtitle parameter. Attackers can craft specially formatted POST requests to the outputtitle parameter to execute arbitrary HTML and potentially manipulate the web interface's displayed content.

Vulnerability Details

Published Date

February 12, 2026

Last Modified

February 13, 2026

CWE ID

CWE-79

Source

NVD

Vendor

Heatmiser

Product

Heatmiser Netmonitor

External References

https://web.archive.org/web/20190724160628/https://www.heatmiser.com/en/
https://www.exploit-db.com/exploits/47828
https://www.vulncheck.com/advisories/heatmiser-netmonitor-html-injection
https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf

CVE-2019-25323

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment