CVE-2025-10240

Possibility of unintended actions when a user clicks a malicious link in the Progress Flowmon web application

Description

A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session.

INFO

Published Date :

2025-10-09T12:43:40.906Z

Last Modified :

2026-02-26T17:47:58.397Z

Source :

ProgressSoftware

AFFECTED PRODUCTS

The following products are affected by CVE-2025-10240 vulnerability.

Vendors	Products
Progress	Flowmon

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-10240.

URL	Resource
https://community.progress.com/s/article/Can-CVE-2025-10240-affect-Progress-Flowmon-appliance

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact