PT-2025-50871 · Unknown · Groupsession Bycloud+2
Published
2025-12-12
·
Updated
2026-02-17
·
CVE-2025-53523
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
GroupSession versions prior to 5.3.0
GroupSession byCloud versions prior to 5.3.3
GroupSession ZION versions prior to 5.3.2
Description
A flaw exists that allows a logged-in user to create a malicious page or URL. When another user accesses this content, an arbitrary script may be executed in their web browser. This is due to stored cross-site scripting.
Recommendations
Update GroupSession to version 5.3.0 or later.
Update GroupSession byCloud to version 5.3.3 or later.
Update GroupSession ZION to version 5.3.2 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Groupsession
Groupsession Zion
Groupsession Bycloud