CVE-2025-41768 — An high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation ('Cross-site Sc — CVE Database · The Intelligence Room