CVE-2025-32551

Name of the Vulnerable Software and Affected Versions: Jaap Jansma Connector to CiviCRM with CiviMcRestFace versions 1.0.8 and earlier

Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows reflected XSS. This problem affects the Jaap Jansma Connector to CiviCRM with CiviMcRestFace.

Recommendations: For versions 1.0.8 and earlier, update to a version later than 1.0.8 to resolve the issue. As a temporary workaround, consider restricting input to prevent XSS attacks until a patch is available.