CVE-2025-31286

Summary

An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a malicious user to execute arbitrary code.

Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability.

Affected Software

VendorProductVersion RangeStatus
Trend Micro, Inc.Trend Vision OneNA < NAaffected

Weaknesses

  • CWE-269: CWE-269: Improper Privilege Mangement

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References