CVE-2025-9158 | Best Practical Request Tracker up to 5.0.8/6.0.1 Calendar Invitation Parser cross site scripting (EUVD-2025-35802)

A vulnerability, which was classified as problematic, was found in Best Practical Request Tracker up to 5.0.8/6.0.1. Affected by this vulnerability is an unknown functionality of the component Calendar Invitation Parser. Executing manipulation can lead to cross site scripting.

This vulnerability appears as CVE-2025-9158. The attack may be performed from remote. There is no available exploit.