CVE-2025-22588

The vulnerable software is Scanventory, specifically versions from n/a to 1.1.3. The vulnerability is an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which allows Reflected XSS attacks. This vulnerability is identified by the CVE-2025-22588 code. There is no information provided about a public exploit for this vulnerability or whether it has been exploited by attackers. The vulnerability can be exploited by sending malicious input to the web page generation process, which can lead to the execution of arbitrary code on the victim's browser. No information is available about the number of Internet users that can be affected by the exploitation of this vulnerability. CVE-2025-22588 #Scanventory #XSS #CrossSiteScripting #ReflectedXSS #ImproperNeutralization #InputValidation #WebPageGeneration #ScanventoryVulnerability #CVE202522588