CVE-2025-25035

Published Mar 21, 2025

Last updated 14 days ago

CVSS high 7.3

Overview

Description
Improper Neutralization of Input During Web Page Generation Cross-site Scripting vulnerability in Jalios JPlatform 10 allows for Reflected XSS and Stored XSS.This issue affects JPlatform 10: before 10.0.8 (SP8), before 10.0.7 (SP7), before 10.0.6 (SP6) and Jalios Workplace 6.2, Jalios Workplace 6.1, Jalios Workplace 6.0, and Jalios Workplace 5.3 to 5.5
Source
disclosure@vulncheck.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.3
Impact score
5.2
Exploitability score
2.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Severity
HIGH

Weaknesses

disclosure@vulncheck.com
CWE-79

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-25035 πŸ”΄ HIGH (7.3) 🏒 Jalios - JPlatform πŸ—οΈ 0 πŸ”— https://t.co/4TQeiGUYyN πŸ”— https://t.co/mA1uZR0A5X πŸ”— https://t.co/1DSwtaA5nc πŸ”— https://t.co/tVA77QNcSu πŸ”— https://t.co/1T1eOwsdnd #CyberCron #VulnAlert #InfoSec https://t.co/WBnS6t51h1

    @cybercronai

    23 Mar 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-25035 Cross-Site Scripting Vulnerability in Jalios JPlatform 10 and Workplace Versions https://t.co/1D6Mo8NW1P

    @VulmonFeeds

    21 Mar 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-25035 Improper Neutralization of Input During Web Page Generation Cross-site Scripting vulnerability in Jalios JPlatform 10 allows for Reflected XSS and Stored XSS.This iss… https://t.co/q5zqJZVvJl

    @CVEnew

    21 Mar 2025

    348 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References