CVE-2025-14691 | Mayan EDMS up to 4.10.1 /authentication/ cross site scripting

A vulnerability, which was classified as problematic, was found in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting.

This vulnerability was named CVE-2025-14691. The attack may be performed from remote. In addition, an exploit is available.

You should upgrade the affected component.

The vendor confirms that this is “[f]ixed in version 4.10.2”. Furthermore, that “[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete.”VulDB Recent EntriesRead More