CVE-2025-9227

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.0%

top 84.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zohocorp Manageengine Opmanager

Timeline

PublishedNov 11

Description

Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:LExploitability: 2.3 | Impact: 3.7

Affected Packages1 packages

▶CVEListV5zohocorp/manageengine_opmanager128609

🔴Vulnerability Details

CVEList

Stored XSS↗2025-11-11

▶

GHSA

GHSA-xvgg-cwcr-cr95: Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor↗2025-11-11

▶