Vulnerabilities

CVE-2025-66284

by Fred · 12/12/2025

Stored cross-site scripting vulnerabilities exist in GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to ver5.7.1. A logged-in user can prepare a malicious page or URL, and an arbitrary script may be executed on the web browser when another user accesses it.

More information : https://groupsession.jp/info/info-news/security20251208

Similar

Tags: Cybersecurity Alert