Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-65187

Опубликовано: 02 дек. 2025
Источник: nvd
CVSS3: 6.1
EPSS Низкий

Описание

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting Batches field. An authenticated user can inject malicious JavaScript into this field and it executes whenever the page is viewed.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:civicrm:civicrm:*:*:*:*:*:*:*:*
Версия до 6.7.0 (исключая)

EPSS

Процентиль: 13%
0.00044
Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2025-65187

CVSS3: 6.1
ubuntu
2 месяца назад

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting Batches field. An authenticated user can inject malicious JavaScript into this field and it executes whenever the page is viewed.

debian логотип

CVE-2025-65187

CVSS3: 6.1
debian
2 месяца назад

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v ...

github логотип

GHSA-cf64-8857-h96q

CVSS3: 6.1
github
2 месяца назад

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting Batches field. An authenticated user can inject malicious JavaScript into this field and it executes whenever the page is viewed.

EPSS

Процентиль: 13%
0.00044
Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79