CVE-2025-65480

{"id": "CVE-2025-65480", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-02-11T18:16:04.907", "references": [{"url": "http://pacom.com", "source": "cve@mitre.org"}, {"url": "https://github.com/derekyjj/vulnerability-research/tree/main/CVE-2025-65480", "source": "cve@mitre.org"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Pacom Unison Cliente 5.13.1. Los usuarios autenticados pueden inyectar scripts maliciosos en las Plantillas de Informes que se ejecutan cuando se cumplen ciertas condiciones de script, lo que lleva a Ejecuci\u00f3n Remota de C\u00f3digo."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "cve@mitre.org"}