CVE-2025-14691 | Mayan EDMS up to 4.10.1 /authentication/ cross site scripting

A vulnerability, which was classified as problematic, was found in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting.

This vulnerability was named CVE-2025-14691. The attack may be performed from remote. In addition, an exploit is available.

You should upgrade the affected component.

The vendor confirms that this is “[f]ixed in version 4.10.2”. Furthermore, that “[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete.”

CVE-2025-14691 | Mayan EDMS up to 4.10.1 /authentication/ cross site scripting

Post correlati

CVE-2024-35522 | Netgear EX3700 AC750 WiFi Range Extender Essentials Edition operating_mode.cgi command injection

CVE-2023-4024 | Radio Player Plugin up to 2.0.73 on WordPress authorization

CVE-2025-22214 | Landray EIS up to 2006 fi_message_receiver.aspx replyid sql injection

CVE-2023-50785 | Zoho ManageEngine ManageEngine ADAudit Plus up to 7269 path traversal