CVE-2025-22499

The vulnerable software is FAKTOR VIER F4 Post Tree, with versions ranging from n/a to 1.1.18. The vulnerability is an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting' (XSS), which allows Reflected XSS. This vulnerability can be exploited by attackers to inject malicious scripts into web pages, potentially affecting users of the F4 Post Tree software. There is a public reference to this vulnerability, identified as CVE-2025-22499. No information is provided about the number of Internet users that can be affected by the exploitation of this vulnerability. It is recommended to update the F4 Post Tree software to a version later than 1.1.18 to mitigate this vulnerability. #FAKTORVIER #F4PostTree #CrossSiteScripting #XSS #ReflectedXSS #CVE202522499 #ImproperNeutralization #InputValidation #WebSecurity #Vulnerability