PatchSiren cyber security CVE debrief
CVE-2025-4763 Aida Computer Information Technology Inc. CVE debrief
CVE-2025-4763 is a reflected XSS vulnerability in Aida Computer Information Technology Inc.'s Hotel Guest Hotspot product. The vulnerability has a CVSS score of 5.5 and a severity of MEDIUM. The issue affects Hotel Guest Hotspot through version 22012026.
- Vendor
- Aida Computer Information Technology Inc.
- Product
- Hotel Guest Hotspot
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-01-22
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-01-22
- Advisory updated
- 2026-06-05
Who should care
Users of Aida Computer Information Technology Inc.'s Hotel Guest Hotspot product should apply patches or mitigations to prevent exploitation of this vulnerability.
Technical summary
The vulnerability is caused by improper neutralization of input during web page generation, allowing for reflected XSS attacks. The CVSS vector for this vulnerability is CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the vulnerability.
- Implement additional security measures such as input validation and output encoding to prevent similar attacks.
Evidence notes
The CVE record and NVD detail pages provide additional information about the vulnerability.
Official resources
-
CVE-2025-4763 CVE record
CVE.org
-
CVE-2025-4763 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
-
Mitigation or vendor reference
[email protected] - Third Party Advisory
CVE-2025-4763 was published on 2026-01-22T10:16:07.320Z and modified on 2026-06-05T16:16:33.280Z.