CVE-2025-40991 | Creativeitem Ekushey CRM 5.0 Query upload Description cross site scripting

A vulnerability was found in Creativeitem Ekushey CRM 5.0. It has been rated as problematic. This vulnerability affects unknown code of the file /ekushey/index.php/client/project_file/upload/ of the component Query Handler. This manipulation of the argument Description causes cross site scripting.

This vulnerability is registered as CVE-2025-40991. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More