CVE-2025-27405 | Icinga icingaweb2 up to 2.11.4/2.12.2 Setting cross site scripting
A vulnerability was found in Icinga icingaweb2 up to 2.11.4/2.12.2. It has been classified as problematic. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-27405. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.