aqwainfosec/CVE-2025-56807

Releases0

CVE-2025-56807: A Stored Cross Site Scripting (XSS) vulnerability was discovered in FairSketch RISE Ultimate Project Manager & CRM (v3.9.4) in the File Manager functionality.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-56807 ↗	Sep 29, 2025Monday, 29 September 2025, 18:15	6.1 MEDIUM	—
A cross-site scripting (XSS) vulnerability in FairSketch RISE Ultimate Project Manager & CRM 3.9.4 allows an administrator to store a JavaScript payload using the file explorer in the admin dashboard when creating new folders.