CVE-2025-65892 | krpano up to 1.23.1 URL passQueryParameters xml cross site scripting (EUVD-2025-199902)

A vulnerability was found in krpano up to 1.23.1. It has been rated as problematic. This affects the function passQueryParameters of the component URL Handler. This manipulation of the argument xml causes cross site scripting.

This vulnerability is handled as CVE-2025-65892. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More