CVE-2025-51629 | THREATINT

Description

A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter.

PUBLISHED Reserved 2025-06-16 | Published 2025-08-07 | Updated 2025-08-07 | Assigner mitre

References

eccobook.com

agenzia.com

github.com/...blob/main/CVE PoC/CVE-2025-51629 | Eccobook.md

cve.org (CVE-2025-51629)

nvd.nist.gov (CVE-2025-51629)

Download JSON