CVE-2025-12699
The CVE-2025-12699 entry concerns the ZOLL ePCR iOS Mobile Application. The issue arises when unsanitized user input inserted into a WebView (PCR fields: run number, incident, call sign, notes) is interpreted as HTML/JS. In the provided POC, injected scripts could read local files from the app’s ...