CVE-2025-40649 | BBMRI-ERIC Negotiator up to 3.15.4 Query posts cross site scripting (EUVD-2025-32715)

A vulnerability has been found in BBMRI-ERIC Negotiator up to 3.15.4 and classified as problematic. Impacted is an unknown function of the file /api/v3/negotiations//posts of the component Query Handler. The manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2025-40649. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More