3 matches found
CVE-2025-40648 Stored Cross-Site Scripting (XSS) vulnerability in Issabel products
Stored Cross-Site Scripting XSS vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, through the 'numeroconferencia' parameter in '/index.php?menu=conferencia'...
CVE-2025-40648
Issabel v5.0.0 is affected by a Stored Cross-Site Scripting (XSS) vulnerability triggered via the numero_conferencia parameter in /index.php?menu=conferencia. Root cause is insufficient validation of user-supplied data. The issue allows injection of malicious scripts that can be stored and later ...
PT-2025-40241
Name of the Vulnerable Software and Affected Versions Issabel version 5.0.0 Description A stored Cross-Site Scripting XSS issue exists due to insufficient validation of user-supplied data. The issue is triggered through the numero conferencia parameter in the '/index.php?menu=conferencia' API...