Unrated severityNVD Advisory· Published Dec 22, 2025· Updated Dec 23, 2025

CVE-2025-65270

Description

Reflected cross-site scripting (XSS) vulnerability in ClinCapture EDC 3.0 and 2.2.3, allowing an unauthenticated remote attacker to execute JavaScript code in the context of the victim's browser.

Affected products

ClinCapture EDC/ClinCapture EDCdescription
ClinCapture/EDCllm-create
Range: 3.0, 2.2.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.clincapture.commitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000