CVE-2025-6725 | Progress Kendo UI for jQuery PdfViewer cross site scripting

A vulnerability has been found in Progress Kendo UI for jQuery, Kendo UI for Angular, KendoReact, Telerik UI for ASP.NET MVC, Telerik UI for ASP.NET Core and Telerik UI for Blazor and classified as problematic. Affected by this vulnerability is an unknown functionality of the component PdfViewer. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2025-6725. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-6725 | Progress Kendo UI for jQuery PdfViewer cross site scripting

Post correlati

CVE-2024-24888 | Kadence WP Gutenberg Blocks Plugin up to 3.2.25 on WordPress server-side request forgery

CVE-2024-4630 | Starter Templates Plugin up to 4.2.1 on WordPress cross site scripting

CVE-2024-2682 | Campcodes Online Job Finder System 1.0 controller.php EMPLOYEEID cross site scripting

CVE-2024-45838 | goTenna Pro ATAK Plugin up to 1.9.12 Callsign cleartext transmission (icsa-24-270-05)