Connector to CiviCRM with CiviMcRestFace, CVE-2025-32551

CVE, Research URL: CVE-2025-32551
Home page URL: Security reports for Connector to CiviCRM with CiviMcRestFace
Application: Connector to CiviCRM with CiviMcRestFace
Published on: Apr 11, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace allows Reflected XSS. This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through 1.0.8.
Affected versions: Min -, max 1.0.9.
Status: vulnerable