CVE-2025-52179
EUVD-2025-3719430.10.2025, 19:16
Cross-site scripting (XSS) vulnerability in Zucchetti Ad Hoc Revolution 4.1 and earlier allows remote unauthenticated attackers to inject arbitrary JavaScript via the pHtmlSource parameter of the /ahrw/jsp/gsfr_feditorHTML.jsp endpoint.
Awaiting analysis
This vulnerability is currently awaiting analysis.