CVE-2025-56252
CVE-2025-56252 is a documented XSS in ServitiumCRM 2.10, exploitable via a crafted URL to the mobile parameter, potentially allowing arbitrary code execution. The issue is publicly described across multiple feeds; remediation guidance (e.g., PT-2025-37706) recommends sanitizing/encoding the mobil...