{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T08:50:51.731","vulnerabilities":[{"cve":{"id":"CVE-2025-9225","sourceIdentifier":"1b7e193f-2525-49a1-b171-84af8827c9eb","published":"2025-08-20T08:15:50.097","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser"},{"lang":"es","value":"Cross-site scripting (XSS) almacenado en la interfaz web de las versiones de MiR software anteriores a la 3.0.0 en MiR Robots y MiR Fleet permiten la ejecución de código JavaScript arbitrario en el navegador de la víctima."}],"metrics":{"cvssMetricV31":[{"source":"1b7e193f-2525-49a1-b171-84af8827c9eb","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":3.4}]},"weaknesses":[{"source":"1b7e193f-2525-49a1-b171-84af8827c9eb","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://mobile-industrial-robots.com/security-advisories/cross-site-scripting","source":"1b7e193f-2525-49a1-b171-84af8827c9eb"},{"url":"https://supportportal.mobile-industrial-robots.com/documentation/mir-cybersecurity-guide/mir-cybersecurity-guide/","source":"1b7e193f-2525-49a1-b171-84af8827c9eb"}]}}]}