Unrated severityNVD Advisory· Published Nov 20, 2025· Updated Nov 20, 2025
Stored XSS in SOPlanning
CVE-2025-62295
Description
SOPlanning is vulnerable to Stored XSS in /groupe_form endpoint. Malicious attacker with medium privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when opening editor.
This issue was fixed in version 1.55.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.54+ 1 more
- (no CPE)range: <=1.54
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
2- cert.pl/en/posts/2025/11/CVE-2025-62293mitrethird-party-advisory
- www.soplanning.org/en/mitreproduct
News mentions
0No linked articles in our index yet.