CVE-2025-29526

Publication date

2025-04-23 00:00:00

Family

mitre

State

PUBLISHED

Description

A Cross-Site Scripting (XSS) vulnerability in the search function of Q4 Inc Investor Relations Platform v5.147.1.2 allows attackers to execute arbitrary Javascript via injecting a crafted payload into the SearchTerm parameter.