cbcvebase.
CVE-2025-25001
published 2025-04-04

CVE-2025-25001: Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to…

medium4.3CVSS 3.1
AVNACLPRNUIRSUCLINAN
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Affected

3 ranges
VendorProductVersion rangeFixed in
microsoftedge< 132.0.2957.118132.0.2957.118
microsoftmicrosoft_edge_for_ios>= 1.0.0.0 < 132.0.2957.118132.0.2957.118
msrcmicrosoft_edge_for_ios
CVE-2025-25001 — Cross-site Scripting in Microsoft | cvebase