XSS in Progress Software Flowmon Ads

CVE-2026-2513

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web se…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.001 (21.7th percentile) — read the EPSS interpretation.