Lucene search
+L

7 matches found

CNVD
CNVD
added 2025/12/25 12:0 a.m.2 views

ChurchCRM Cross-Site Scripting Vulnerability

ChurchCRM is an open source church management system. ChurchCRM suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data on the View Active People, View Inactive People, and View All People pages, which can be exploited b...

9.2CVSS6AI score0.00176EPSS
Exploits1References1
NVD
NVD
added 2025/12/17 10:16 p.m.8 views

CVE-2025-68275

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a stored cross-site scripting vulnerability on the pages View Active People, View Inactive people, and View All People. Version 6.5.3 fixes the issue...

9.2CVSS0.00176EPSS
Exploits1References1
CVE
CVE
added 2025/12/17 9:53 p.m.14 views

CVE-2025-68275

ChurchCRM prior to version 6.5.3 contains a stored cross-site scripting vulnerability on the View Active People, View Inactive People, and View All People pages. The root cause is lack of effective filtering and escaping of user-supplied data on these listings, allowing an attacker to inject scri...

9.2CVSS5.7AI score0.00176EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/12/17 9:53 p.m.4 views

EUVD-2025-203998

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a stored cross-site scripting vulnerability on the pages View Active People, View Inactive people, and View All People. Version 6.5.3 fixes the issue...

9.2CVSS5.6AI score0.00176EPSS
Exploits1References1
OSV
OSV
added 2025/12/17 9:53 p.m.5 views

CVE-2025-68275 ChurchCRM vulnerable to Stored XSS - Group name > Person Listing

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a stored cross-site scripting vulnerability on the pages View Active People, View Inactive people, and View All People. Version 6.5.3 fixes the issue...

9.2CVSS6AI score0.00176EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.7 views

PT-2025-51940

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.5.3 Description ChurchCRM, an open-source church management system, contains a stored cross-site scripting issue. This affects the View Active People, View Inactive people, and View All People pages. Privileged...

9.2CVSS5.9AI score0.00176EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.3 views

ChurchCRM 跨站脚本漏洞

ChurchCRM is an open source church management system. ChurchCRM suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data on the View Active People, View Inactive People, and View All People pages, which can be exploited b...

9.2CVSS5.9AI score0.00176EPSS
Exploits1References2
Rows per page
Query Builder