Cross-site Scripting Vulnerability in Ninja Team File Manager Pro
CVE-2025-52710
5.9MEDIUM
What is CVE-2025-52710?
A Cross-site Scripting vulnerability exists in Ninja Team's File Manager Pro, enabling attackers to inject malicious scripts into web pages. This stored XSS issue can occur when user-supplied input is improperly handled during web page generation. Exploitation of this vulnerability may allow attackers to execute arbitrary JavaScript in the context of other users visiting the affected application. Users are encouraged to update to the latest version to mitigate risks associated with this vulnerability.
Affected Version(s)
File Manager Pro <= 1.8.8