{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T17:40:40.597","vulnerabilities":[{"cve":{"id":"CVE-2025-22491","sourceIdentifier":"CybersecurityCOE@eaton.com","published":"2025-02-28T09:15:12.540","lastModified":"2025-08-26T11:15:32.053","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The user input was not sanitized on Reporting Hierarchy Management page of Foreseer Reporting Software (FRS) application which could lead into execution of arbitrary JavaScript in a browser context\nfor all the interacting users. This security issue has been patched in the latest version 1.5.100 of the FRS."},{"lang":"es","value":"La entrada del usuario no se limpió en la página de administración de jerarquía de informes de la aplicación Foreseer Reporting Software (FRS), lo que podría provocar la ejecución de JavaScript arbitrario en un contexto de navegador para todos los usuarios que interactuaban. Este problema de seguridad se ha corregido en la última versión 1.5.100 de FRS."}],"metrics":{"cvssMetricV31":[{"source":"CybersecurityCOE@eaton.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"weaknesses":[{"source":"CybersecurityCOE@eaton.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https:\/\/www.eaton.com\/content\/dam\/eaton\/company\/news-insights\/cybersecurity\/security-bulletins\/etn-va-2024-1009.pdf","source":"CybersecurityCOE@eaton.com"}]}}]}