CVE-2025-68275 | ChurchCRM up to 6.5.2 View Active People cross site scripting

A vulnerability labeled as problematic has been found in ChurchCRM up to 6.5.2. This issue affects some unknown processing of the component View Active People/View Inactive People/View All People. Such manipulation leads to cross site scripting.

This vulnerability is listed as CVE-2025-68275. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More