Login Sign Up

CVE-2025-61550

5.4 MEDIUM
Cross-Site Scripting

📋 TL;DR

This is a stored Cross-Site Scripting (XSS) vulnerability in edu Business Solutions Print Shop Pro WebDesk that allows attackers to inject malicious JavaScript into web pages. The injected code executes in the context of other users' sessions when they view affected pages. All users of the vulnerable version are affected.

💻 Affected Systems

Products:
  • edu Business Solutions Print Shop Pro WebDesk
Versions: version 18.34
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the default configuration of the web application.

📦 What is this software?

Print Shop Pro Webdesk by Edubusinesssolutions

View all CVEs affecting Print Shop Pro Webdesk →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal session cookies, perform actions as authenticated users, redirect to malicious sites, or install malware on user systems.

🟠

Likely Case

Session hijacking, credential theft, defacement of web pages, or redirection to phishing sites.

🟢

If Mitigated

Limited impact with proper input validation and output encoding; user education about suspicious content.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to the vulnerable endpoint; stored XSS payloads persist across sessions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

1. Contact vendor for patch information. 2. Apply vendor-provided patch. 3. Test in non-production environment first. 4. Deploy to production.

🔧 Temporary Workarounds

Implement Web Application Firewall (WAF)

all

Configure WAF rules to block XSS payloads targeting the vulnerable parameters.

Input Validation Filter

windows

Add server-side input validation to sanitize ctl00_Content01_fieldValue parameters.

🧯 If You Can't Patch

  • Implement Content Security Policy (CSP) headers to restrict script execution.
  • Disable or restrict access to the /psp/appNet/TemplateOrder/TemplatePreview.aspx endpoint.

🔍 How to Verify

Check if Vulnerable:

Test by submitting a simple XSS payload like <script>alert('XSS')</script> to the ctl00_Content01_fieldValue parameter and checking if it executes when page is reloaded.

Check Version:

Check application version in admin interface or configuration files.

Verify Fix Applied:

Retest with XSS payloads; verify input is properly encoded in output and no script execution occurs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to /TemplatePreview.aspx with script tags in parameters.
  • Multiple requests with encoded JavaScript payloads.

Network Indicators:

  • HTTP traffic containing script tags or JavaScript in ctl00_Content01_fieldValue parameter values.

SIEM Query:

source="web_logs" AND uri="/TemplatePreview.aspx" AND (param="ctl00_Content01_fieldValue" AND value CONTAINS "script" OR "javascript")

📊 Metadata

CVE ID: CVE-2025-61550
CVSS v3 Score: 5.4 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CWE: CWE-79
EPSS Score: 0.03% exploit probability (9.5th percentile)
Published: January 8, 2026
Last Updated: January 15, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-61550, you might also want to check these:

CVE-2021-39199 10.0

CVE-2021-39199 is a critical cross-site scripting (XSS) vulnerability in the remark-html Node.js lib...

Same vulnerability type (CWE-79)
CVE-2021-32671 10.0

This vulnerability in Flarum forum software allows attackers to inject malicious HTML/JavaScript int...

Same vulnerability type (CWE-79)
CVE-2021-32798 10.0

CVE-2021-32798 is a critical vulnerability in Jupyter Notebook that allows malicious notebook files ...

Same vulnerability type (CWE-79)