CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Civicrm: >> Civicrm >> 5.24.5 Security Vulnerabilities

CVE-2025-65187

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting Batches field. An authenticated user can inject malicious JavaScript into this field and it executes whenever the page is viewed.

CVSS Score

6.1

EPSS Score

0.0

Published

2025-12-02

Page 1

Vulnerabilities

Vulnerable Software

Civicrm: >> Civicrm >> 5.24.5 Security Vulnerabilities

Products

Pricing

Contact Us