CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-61549

Cross-Site Scripting (XSS) is present on the LoginID parameter on the /PSP/app/web/reg/reg_display.asp endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34. Unsanitized user input is reflected in HTTP responses without proper HTML encoding or escaping. This allows attackers to execute arbitrary JavaScript in the context of a victim s browser session

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.7%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/chndlrx/vulnerability-disclosures/tree/main/CVE-2025-61549
https://github.com/chndlrx/vulnerability-disclosures/tree/main/CVE-2025-61549

Products affected by CVE-2025-61549

Edubusinesssolutions » Print Shop Pro Webdesk » Version: 18.34

cpe:2.3:a:edubusinesssolutions:print_shop_pro_webdesk:18.34

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-61549

Products

Pricing

Contact Us