CVE-2025-40697

Vulnerability Description

Reflected Cross-Site Scripting (XSS) vulnerability in '/index.php' in Lewe WebMeasure, which allows remote attackers to execute arbitrary code through the 'page' parameter. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.

Related Weaknesses (CWE)

CWE-79

References

https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scriptin

FAQ

What is CVE-2025-40697?

CVE-2025-40697 is a documented vulnerability. Reflected Cross-Site Scripting (XSS) vulnerability in '/index.php' in Lewe WebMeasure, which allows remote attackers to execute arbitrary code through the 'page' parameter. This vulnerability can be e...

How severe is CVE-2025-40697?

CVSS scoring is not yet available for CVE-2025-40697. Check NVD for updates.

Is there a patch for CVE-2025-40697?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.