CVE-2025-22775

Summary

CVE-2025-22775 is a Cross-Site Scripting (XSS) vulnerability affecting the idIA Tech Catalog Importer, Scraper & Crawler from versions n/a to 5.1.3. This issue arises due to improper neutralization of user inputs during web page generation. An attacker can exploit this vulnerability by injecting malicious scripts into a web page, potentially gaining unauthorized access to user sessions or stealing sensitive data. The consequences of this vulnerability can lead to serious security risks for organizations using the affected software. It is strongly recommended that users upgrade to a patched version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.