CVE-2025-68275

Published December 17th, 2025

View on NVD ↗

CVSS v3

4.8

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 have a stored cross-site scripting vulnerability on the pages `View Active People`, `View Inactive people`, and `View All People`. Version 6.5.3 fixes the issue.

ChurchCRM/CRM

ChurchCRM - A free and open-source Church Management Software (ChMS) to help churches manage their membership data, groups, events, and finances.

GitHub

890