CVE-2025-40643 | Status Tracker Energy CRM 2025 Query create_job_submit.php JobCreatedBy cross site scripting

A vulnerability marked as problematic has been reported in Status Tracker Energy CRM 2025. The impacted element is an unknown function of the file /crm/create_job_submit.php of the component Query Handler. Performing manipulation of the argument JobCreatedBy results in cross site scripting.

This vulnerability is known as CVE-2025-40643. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More