CVE-2025-65465

Name of the Vulnerable Software and Affected Versions Skrol29 TbsZip versions 2.17 and earlier

Description A reflected Cross-Site Scripting (XSS) issue exists in the RaiseError function of Skrol29 TbsZip. The issue occurs because error messages are not properly sanitized before being displayed to the user. This allows a remote attacker to execute arbitrary web script or HTML by providing a crafted payload within a filename parameter, such as when used with the FileRead function.

Recommendations Update to version 2.18 or later.