CVE-2025-22568

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Jan 13, 2025

CWE ID 79

Summary

CVE-2025-22568 is a Cross-site Scripting (XSS) vulnerability affecting Paramveer Singh for Arete IT Private Limited's Post and Page Reactions. The flaw, situated in the input neutralization process during webpage generation, enables attackers to inject malicious scripts. This vulnerability, present in versions from n/a through 1.0.5, allows adversaries to carry out Reflected XSS attacks, potentially stealing user data or gaining unauthorized access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2QbL6j
https://www.cve.org/CVERecord?id=CVE-2025-22568
https://nvd.nist.gov/vuln/detail/CVE-2025-22568

Back to Vulnerability Database

CVE-2025-22568

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations