Detections
Analytics

CVE-2025-9225

medium

Description

Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser

References

https://supportportal.mobile-industrial-robots.com/documentation/mir-cybersecurity-guide/mir-cybersecurity-guide/

https://mobile-industrial-robots.com/security-advisories/cross-site-scripting

Details

Source: Mitre, NVD

Published: 2025-08-20

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Severity: Medium

EPSS

EPSS: 0.00038