Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-65892

Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.3%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2025-65892
  • Krpano » Krpano » Version: 1.20
    cpe:2.3:a:krpano:krpano:1.20
  • Krpano » Krpano » Version: 1.20.1
    cpe:2.3:a:krpano:krpano:1.20.1
  • Krpano » Krpano » Version: 1.20.2
    cpe:2.3:a:krpano:krpano:1.20.2
  • Krpano » Krpano » Version: 1.20.3
    cpe:2.3:a:krpano:krpano:1.20.3
  • Krpano » Krpano » Version: 1.20.4
    cpe:2.3:a:krpano:krpano:1.20.4
  • Krpano » Krpano » Version: 1.20.5
    cpe:2.3:a:krpano:krpano:1.20.5
  • Krpano » Krpano » Version: 1.20.6
    cpe:2.3:a:krpano:krpano:1.20.6
  • Krpano » Krpano » Version: 1.20.7
    cpe:2.3:a:krpano:krpano:1.20.7
  • Krpano » Krpano » Version: 1.20.8
    cpe:2.3:a:krpano:krpano:1.20.8
  • Krpano » Krpano » Version: 1.20.9
    cpe:2.3:a:krpano:krpano:1.20.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved