PT-2025-9082 · Unknown · Foreseer Reporting

Published: 2025-02-28 · Updated: 2025-08-26 · CVE-2025-22491

CVSS v3.1: 6.7 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Foreseer Reporting Software (FRS) versions prior to 1.5.100

Description: The issue arises from unsanitized user input on the Reporting Hierarchy Management page of the FRS application, potentially leading to the execution of arbitrary JavaScript in a browser context for all interacting users.

Recommendations: For versions prior to 1.5.100, update to version 1.5.100 to resolve the issue.

Fix · XSS · RCE

Weakness Enumeration

Related Identifiers: CVE-2025-22491

Affected Products: Foreseer Reporting