CVE-2025-1807 | Eastnets PaymentSafe 2.5.26.0 Edit Manual Reply /directRouter.rfc Title cross site scripting

A vulnerability, which was classified as problematic, was found in Eastnets PaymentSafe 2.5.26.0. This affects an unknown part of the file /directRouter.rfc of the component Edit Manual Reply Handler. The manipulation of the argument Title leads to basic cross site scripting.

This vulnerability is uniquely identified as CVE-2025-1807. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-1807 | Eastnets PaymentSafe 2.5.26.0 Edit Manual Reply /directRouter.rfc Title cross site scripting

Post correlati

CVE-2024-13025 | Codezips College Management System 1.0 /Front-end/faculty.php book_name/book_author sql injection

CVE-2024-11708 | Mozilla Firefox up to 132 Thread information disclosure

CVE-2024-47358 | Popup Maker Plugin up to 1.19.2 on WordPress authorization

CVE-2024-5416 | Elementor Website Builder Plugin up to 3.23.4 on WordPress URL Parameter cross site scripting