CVE-2025-40989 | Creativeitem Ekushey CRM 5.0 Query add Message cross site scripting

A vulnerability categorized as problematic has been discovered in Creativeitem Ekushey CRM 5.0. This issue affects some unknown processing of the file /ekushey/index.php/client/project_message/add/ of the component Query Handler. Such manipulation of the argument Message leads to cross site scripting.

This vulnerability is documented as CVE-2025-40989. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More