CRITICAL
Zenitel
CVE published 2025-11-25
CVE-2025-64130
CVE-2025-64130 affects Zenitel TCIV-3+ and is described by CISA as a reflected cross-site scripting issue that could allow a remote attacker to execute arbitrary JavaScript in the victim’s browser. The advisory assigns a CVSS 3.1 score of 9.8 (Critical) and Zenitel recommends upgrading to Version 9.3.3.0 or later.