Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025
The feature to import a survey is prone to stored Cross-Site Script attacks
CVE-2025-13873
Description
Stored Cross-Site Scripting (XSS) in the survey-import feature of ObjectPlanet Opinio 7.26 rev12562 on web application allows an attacker to inject arbitrary JavaScript code, which executes in the browsing context of any visitor accessing the compromised survey.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 7.26 rev12562+ 1 more
- (no CPE)range: = 7.26 rev12562
- (no CPE)range: 7.26 rev12562
Patches
Vulnerability mechanics
References
1- www.objectplanet.com/opinio/changelog.htmlmitrerelease-notes
News mentions
0No linked articles in our index yet.