CVE-2025-40681 | xCally Omnichannel 3.30.1 URL /login failureMessage cross site scripting

A vulnerability marked as problematic has been reported in xCally Omnichannel 3.30.1. This vulnerability affects unknown code of the file /login of the component URL Handler. The manipulation of the argument failureMessage leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-40681. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More