cvedb.io
CVE-2025-61949
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2025-11-21T07:15:54.273 · Last modified 2026-06-17T09:51:07.520

Summary

LogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If crafted user information is stored, an arbitrary script may be executed on the web browser of the user who logs in to the product's management page.

Affected products

secuavail — logstare_collector

Does this affect you?

Add your gear to cvedb and we'll alert you only when secuavail ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.