CVE-2025-49410

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Imran Emu TC Testimonials versions through 1.1.1

Description: Improper neutralization of input during web page generation allows for stored cross-site scripting (XSS). This issue enables the injection of malicious scripts into web pages.

Recommendations: Update Imran Emu TC Testimonials to a version later than 1.1.1.

Fix

XSS

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-434

Related Identifiers

CVE-2025-49410

Affected Products

Imran Emu Tc Testimonials

CVE-2025-49410

Weakness Enumeration

Related Identifiers

Affected Products

References · 4