CVE-2025-41001

Description

Cross Site Scripting (XSS) vulnerability stored in SOPlanning v1.53.02, which consist of a stored XSS due to a lack of proper validation of user input by sending a POST request using the LOGOUT_REDIRECT parameter in /soplanning/www/process/options.php. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details.