High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking

A critical stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager (EPM) enables unauthenticated attackers to hijack administrator sessions by injecting malicious JavaScript into the management dashboard. The vulnerability, identified as CVE-2025-10573 with a CVSS score of 9.6, affects all versions below EPM 2024 SU4 SR1 and poses an immediate threat to enterprise environments managing […]

The post High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.