We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered.
Reserved 2025-06-26 | Published 2025-07-02 | Updated 2025-07-02 | Assigner ProgressSoftwareCWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
www.telerik.com/...pdfviewer-xss-vulnerability-cve-2025-6725
www.telerik.com/...e/kb-security-pdfviewer-xss-cve-2025-6725
www.telerik.com/...e/kb-security-pdfviewer-xss-cve-2025-6725
www.telerik.com/...e/kb-security-pdfviewer-xss-cve-2025-6725
www.telerik.com/...e/kb-security-pdfviewer-xss-cve-2025-6725
www.telerik.com/...e/kb-security-pdfviewer-xss-cve-2025-6725
Support options