Reflected Cross-Site Scripting Vulnerability in SVX Portal by DeepStrike
CVE-2025-63725

Currently unrated

Key Information:

Vendor: DeepStrike
Status: SVX Portal
Vendor: CVE Published:; 14 November 2025

What is CVE-2025-63725?

A reflected Cross-Site Scripting (XSS) vulnerability exists in SVX Portal 2.7A that can be exploited via the 'id' parameter in Recivers.php. This flaw allows attackers to inject malicious scripts into the web pages viewed by users, potentially compromising sensitive user data and leading to unauthorized actions on behalf of the user.

References

https://deepstrike.io/blog/sql-injection-in-svx-portal-v-...

https://deepstrike.io/blog/reflected-xss-via-unescaped-at...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2025
Vulnerability Reserved
Oct 27, 2025

JSON