Vulnerabilities

CVE-2025-66561

by Fred · 04/12/2025

SysReptor is a fully customizable pentest reporting platform. Prior to 2025.102, there is a Stored Cross-Site Scripting (XSS) vulnerability allows authenticated users to execute malicious JavaScript in the context of other logged-in users by uploading malicious JavaScript files in the web UI. This vulnerability is fixed in 2025.102.

More information : https://github.com/Syslifters/sysreptor/security/advisories/GHSA-64vw-v5c4-mgvm

Similar

Tags: Cybersecurity Alert