CVE-2025-65640 in Globe Document Intelligenceالمعلومات

الملخص

بحسب MITRE • 04/06/2026

Cross Site Scripting (XSS) vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper sanitization of user input in text fields when creating a new document. Specifically, when an authenticated attacker submits data containing JavaScript code within these fields, the application fails to properly sanitize or escape the content. As a result, the injected script is executed when the page is rendered, allowing the attacker to execute arbitrary JavaScript in the context of other users' browsers who view the affected page.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

MITRE

حجز

18/11/2025

إفشاء

04/06/2026

الاعتدال

تمت الموافقة

إدخال

VDB-368406

CPE

جاهز

CWE

CWE-79 (مؤكد)

CVSS

6.3 (CISA-ADP)

EPSS

0.00000

KEV

لا

النشاطات

منخفض

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-65640
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-65640
CVE Details	https://www.cvedetails.com/cve/CVE-2025-65640/

التالي ▸نظرة عامة ◂ السابق

Do you know our Splunk app?

Download it now for free!