Unrated severityNVD Advisory· Published Oct 30, 2025· Updated Oct 31, 2025
CVE-2025-52180
CVE-2025-52180
Description
Cross-site scripting (XSS) vulnerability in Zucchetti Ad Hoc Infinity 4.2 and earlier allows remote unauthenticated attackers to inject arbitrary JavaScript via the pHtmlSource parameter of the /ahi/jsp/gsfr_feditorHTML.jsp?pHtmlSource endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=4.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.