CVE-2025-70368
CVE-2025-70368 affects Worklenz v2.1.5, with a Stored XSS in the Project Updates feature. The Updates text field renders un-sanitized input in the reporting view, enabling malicious JavaScript execution in a user’s browser. Root cause: lack of input sanitization for stored payloads. Impact per av...