CVE-2025-15562 | NesterSoft WorkTime up to 11.8.8 API Endpoint urls cross site scripting

Inserito da Angelo Barbosa | Feb 19, 2026 | CVE

A vulnerability has been found in NesterSoft WorkTime up to 11.8.8 and classified as problematic. This issue affects some unknown processing of the file endpoint /report/internet/urls of the component API Endpoint. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2025-15562. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-15562 | NesterSoft WorkTime up to 11.8.8 API Endpoint urls cross site scripting

Post correlati

CVE-2025-5122 | Map Block Leaflet Plugin up to 3.2.1 on WordPress Parameter url cross site scripting

CVE-2024-2993 | Tenda FH1203 2.0.1.6 /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

CVE-2025-4765 | PHPGurukul Zoo Management System 2.1 /admin/contactus.php mobnum sql injection

CVE-2024-2810 | Tenda AC15 15.03.05.18/15.03.20_multi /goform/WifiWpsOOB formWifiWpsOOB index stack-based overflow