Security Advisory

CVE-2025-66561

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 22:27:52

Last updated 2025-12-05 17:28:41

Assigner GitHub_M

State PUBLISHED

Description

SysReptor is a fully customizable pentest reporting platform. Prior to 2025.102, there is a Stored Cross-Site Scripting (XSS) vulnerability allows authenticated users to execute malicious JavaScript in the context of other logged-in users by uploading malicious JavaScript files in the web UI. This vulnerability is fixed in 2025.102.

← Browse all CVEs View on cve.org ↗