CVE-2025-7760

Name of the Vulnerable Software and Affected Versions Ofisimo Web-Based Software Technologies Association Web Package Flora versions 3.0 through 03022026

Description The software contains a flaw related to improper input handling during web page generation, potentially leading to Cross-site Scripting (XSS). This issue occurs through manipulation of HTTP headers. The vendor was contacted regarding this issue but did not provide a response.

Recommendations Versions prior to 3.0 and after 03022026 are not affected. Versions 3.0 through 03022026 should be updated when a patch becomes available.