CVE-2025-40989 | Creativeitem Ekushey CRM 5.0 Query add Message cross site scripting

Inserito da Angelo Barbosa | Ott 2, 2025 | CVE

A vulnerability categorized as problematic has been discovered in Creativeitem Ekushey CRM 5.0. This issue affects some unknown processing of the file /ekushey/index.php/client/project_message/add/ of the component Query Handler. Such manipulation of the argument Message leads to cross site scripting.

This vulnerability is documented as CVE-2025-40989. The attack can be executed remotely. There is not any exploit available.

CVE-2025-40989 | Creativeitem Ekushey CRM 5.0 Query add Message cross site scripting

Post correlati

CVE-2024-51801 | Jake Brown Brand My Footer Plugin up to 1.1 on WordPress cross site scripting

CVE-2024-44278 | Apple macOS information disclosure

CVE-2024-5240 | Campcodes Complete Web-Based School Management System 1.0 /view/unread_msg.php my_index sql injection

CVE-2025-27025 | Infinera G42 up to 7.0 Endpoint insufficient permissions or privileges (EUVD-2025-19706)