Security Advisory

CVE-2025-13873

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-02 09:56:16

Last updated 2025-12-02 16:54:53

Assigner TCS-CERT

State PUBLISHED

Description

Stored Cross-Site Scripting (XSS) in the survey-import feature of ObjectPlanet Opinio 7.26 rev12562 on web application allows an attacker to inject arbitrary JavaScript code, which executes in the browsing context of any visitor accessing the compromised survey.

← Browse all CVEs View on cve.org ↗