Back to CVE List

CVE-2025-65187

Vulnerability Description

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting Batches field. An authenticated user can inject malicious JavaScript into this field and it executes whenever the page is viewed.

Vulnerability Details

Published Date
Last Modified
Source
NVD

Discussion (0)

Add Comment

No comments yet. Be the first!