CVE-2025-65892

Reflected Cross-Site Scripting rXSS in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled...

CVE-2025-65892

Reflected Cross-Site Scripting rXSS in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled...

krpano 安全漏洞

krpano is a VR media production and display software toolset from the Austrian company krpano. A security vulnerability exists in krpano versions prior to 1.23.2, which stems from improper handling of the passQueryParameters function and could lead to a reflective cross-site scripting attack...

PT-2025-48371

Reflected Cross-Site Scripting rXSS in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled...

CVE-2025-65892

Reflected Cross-Site Scripting rXSS in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled...