CVE-2025-61550

Name of the Vulnerable Software and Affected Versions edu Business Solutions Print Shop Pro WebDesk version 18.34

Description A Cross-Site Scripting (XSS) issue exists due to improper output encoding or sanitization of user-supplied input. Specifically, the issue is present on the ctl00 Content01 fieldValue parameters of the /psp/appNet/TemplateOrder/TemplatePreview.aspx API endpoint. This allows attackers to inject arbitrary JavaScript that executes in the context of other users' sessions.

Recommendations Update to a newer version that contains a fix for this vulnerability.