CVE-2025-6248Cross-site Scripting in Lenovo Browser

CWE-79Cross-site Scripting3 documents3 sources
Severity
7.1HIGHNVD
EPSS
0.1%
top 84.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Lenovo Browser
Timeline
PublishedJul 17

Description

A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5lenovo/browserN/A

🔴Vulnerability Details

2
CVEList
CVE-2025-6248: A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user v2025-07-17
GHSA
GHSA-rcqg-6pxj-gjwg: A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user v2025-07-17
CVE-2025-6248 — Cross-site Scripting in Lenovo Browser | cvebase