CVE-2025-40990 | Creativeitem Ekushey CRM 5.0 Query create title/description cross site scripting

A vulnerability was found in Creativeitem Ekushey CRM 5.0. It has been declared as problematic. This affects an unknown part of the file /ekushey/index.php/client/project_bug/create/ of the component Query Handler. The manipulation of the argument title/description results in cross site scripting.

This vulnerability is cataloged as CVE-2025-40990. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More