All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

CVE-2025-14773: Cross-Site Scripting Vulnerability in ABB T-MAC Plus (Version 4.0-24)

3h ago· 2 min readenNews
Bagel score 70 of 100
70/100
Toasty
Bagelometer

Lightly browned and well buttered. A solid pick from the rack.

Score70TypenewsSentimentnegative

Summary

A cross-site scripting (XSS) vulnerability has been disclosed in ABB T-MAC Plus, affecting version 4.0-24. The vulnerability involves improper neutralization of input during web page generation, which could allow attackers to execute malicious scripts. No additional details about exploitation or remediation are provided in this brief CVE entry.

Key quotes

· 2 pulled
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus.
This issue affects T-MAC Plus: 4.0-24.
Snippet from the RSS feed
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

You might also wanna read

Analysis of CVE-2025-14986: Temporal's Masked Namespace Vulnerability Enabling Cross-Tenant Security Bypass

The article details CVE-2025-14986, a security vulnerability in Temporal's ExecuteMultiOperation endpoint that allows cross-tenant policy an

depthfirst.com·3mo ago

Security Researchers Discover Critical XSS Vulnerabilities in Mintlify Platform Affecting Major Tech Companies

A 16-year-old hacker and his friends discovered critical cross-site scripting vulnerabilities in Mintlify, an AI documentation platform used

gist.github.com·5mo ago

Critical Authentication Bypass Vulnerability Discovered in cPanel & WHM (CVE-2026-41940)

watchTowr Labs reports on a critical authentication bypass vulnerability (CVE-2026-41940) in cPanel & WHM, a widely-used web hosting control

watchTowr Labs·1mo ago

Researcher Discovers Critical React2Shell RCE Vulnerability (CVE-2025-55182) Affecting Millions of Websites

A security researcher recounts discovering a critical remote code execution vulnerability (CVE-2025-55182, dubbed "React2Shell") in the Reac

lachlan.nz·26d ago

Critical LangChain Core Vulnerability (CVE-2025-68664) Allows Serialization Injection Attacks

Cyata Research discloses LangGrinch (CVE-2025-68664), a critical vulnerability in LangChain Core that allows serialization injection attacks

cyata.ai·5mo ago

MongoDB Security Update: Vulnerability CVE-2025-14847 ("Mongobleed") Identified in December 2025

MongoDB has identified a security vulnerability (CVE-2025-14847, informally called "Mongobleed") affecting MongoDB Server. The company outli

mongodb.com·5mo ago