Eximbills Enterprise

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-64030 MEDIUM POC This Month

Eximbills Enterprise 4.1.5 (Built on 2020-10-30) is vulnerable to authenticated stored cross-site scripting (CWE-79) via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized user input in the TMPL_INFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript execution in their browsers.

XSS Eximbills Enterprise

NVD

CVSS 3.1

5.4

EPSS

0.0%

CVE-2025-64030

EPSS 0% CVSS 5.4

MEDIUM POC This Month

Eximbills Enterprise 4.1.5 (Built on 2020-10-30) is vulnerable to authenticated stored cross-site scripting (CWE-79) via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized user input in the TMPL_INFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript execution in their browsers.

XSS Eximbills Enterprise

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy