Filtered by vendor Perx Technologies
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11682 | 1 Perx Technologies | 1 Customer Engagement & Loyalty Platform | 2025-10-27 | N/A |
| Stored cross-site scripting (XSS) vulnerability in the LMT Dashboard of the Perx Customer Engagement & Loyalty Platform allows an authenticated attacker to execute arbitrary JavaScript code in a victim's browser. The vulnerability is due to improper sanitization of SVG file uploads. An attacker can upload a malicious SVG file containing a script payload to a campaign. When another user views this image on the public LMT microsite, the script executes, which can lead to session hijacking, data theft, or other unauthorized actions.This issue affects Customer Engagement & Loyalty Platform before 4.617.4. | ||||
Page 1 of 1.