VYPR
Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025

The feature to import a survey is prone to stored Cross-Site Script attacks

CVE-2025-13873

Description

Stored Cross-Site Scripting (XSS) in the survey-import feature of ObjectPlanet Opinio 7.26 rev12562 on web application allows an attacker to inject arbitrary JavaScript code, which executes in the browsing context of any visitor accessing the compromised survey.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Objectplanet/Opiniollm-fuzzy2 versions
    = 7.26 rev12562+ 1 more
    • (no CPE)range: = 7.26 rev12562
    • (no CPE)range: 7.26 rev12562

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.