CVE-2025-61310
Status: Received - Intake
Reflected XSS in Mecury Managed Print Services

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: MITRE

Description
A reflected cross-site scripting (XSS) vulnerability in the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary JavaScript in the context of a user's browser by injecting a crafted payload into an unfiltered variable value.
Meta Information
  • Published: 2026-05-11
  • Last modified: 2026-05-11
  • Generated: 2026-05-11
  • AI Q&A: 2026-05-11
  • EPSS evaluated: N/A
Affected Vendors & Products (1 associated CPE)
  • Vendor: gmbh_mecury
  • Product: docuform
  • Version / Range: 11.11c
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-61310 is a stored cross-site scripting (XSS) vulnerability in the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) version 11.11c.

The vulnerability occurs because the application improperly neutralizes user-controllable input, allowing an authenticated attacker to inject arbitrary JavaScript code.

This malicious script is stored by the application and later executed in the browsers of other users, enabling attackers to perform actions such as session hijacking or stealing sensitive information.


How can this vulnerability impact me?

This vulnerability can have serious impacts including the execution of arbitrary JavaScript in users' browsers.

  • Attackers can hijack user sessions.
  • Sensitive information can be stolen from affected users.
  • It can lead to unauthorized actions performed on behalf of users.

How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves identifying attempts to inject malicious JavaScript payloads into the acc-menu_billings.php component of the docuForm FSM Server version 11.11c.

One approach is to monitor HTTP requests to the acc-menu_billings.php page for suspicious input patterns or script tags in query parameters or POST data.

Commands to assist detection could include using tools like curl or wget to send crafted payloads and observe the response, or using web vulnerability scanners that support XSS detection.

  • Example curl command to test injection: curl -i -X GET 'http://target/acc-menu_billings.php?param=<script>alert(1)</script>'
  • Use grep or log analysis tools to search web server logs for suspicious script tags or unusual input patterns targeting acc-menu_billings.php.
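As an added example (not part of this record or of the vendor's product), a Python log-analysis script that implements the second bullet: it parses combined-format access log lines, percent-decodes the query string repeatedly so double-encoded payloads are not missed, and flags requests to acc-menu_billings.php whose query carries script markup. The log lines are constructed samples and the parameter name `acc` is an assumption; this page does not name the vulnerable parameter.

```python
import re
from urllib.parse import urlsplit, unquote

# Constructed sample lines in Apache/nginx combined log format (not real traffic).
# The parameter name "acc" is an assumption; the record does not name it.
SAMPLE_LOG = """\
10.0.0.5 - - [11/May/2026:10:01:02 +0000] "GET /acc-menu_billings.php?acc=42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.7 - - [11/May/2026:10:01:09 +0000] "GET /acc-menu_billings.php?acc=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5211 "-" "curl/8.5.0"
10.0.0.9 - - [11/May/2026:10:02:31 +0000] "GET /index.php?q=%3Cscript%3E HTTP/1.1" 200 800 "-" "Mozilla/5.0"
10.0.0.7 - - [11/May/2026:10:03:44 +0000] "GET /acc-menu_billings.php?acc=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 5211 "-" "curl/8.5.0"
"""

# Fields of a combined-format line that matter for this check.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

# Markup that has no legitimate place in a query-string value for this page:
# script tags, javascript: URLs, or any tag carrying an on*= event handler.
XSS_RE = re.compile(r'<\s*/?\s*script|javascript\s*:|<\s*\w+[^>]*\bon\w+\s*=', re.IGNORECASE)

VULNERABLE_PATH = "/acc-menu_billings.php"

def decode_fully(value, max_rounds=3):
    """Percent-decode until stable so double-encoded payloads are not missed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def flag_requests(log_text):
    """Return (ip, timestamp, decoded query) for suspicious hits on the vulnerable page."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                      # skip lines that are not combined-format requests
        parts = urlsplit(m.group("target"))
        if parts.path.lower() != VULNERABLE_PATH:
            continue                      # only the component named in the advisory
        query = decode_fully(parts.query)
        if XSS_RE.search(query):
            hits.append((m.group("ip"), m.group("ts"), query))
    return hits

if __name__ == "__main__":
    for ip, ts, query in flag_requests(SAMPLE_LOG):
        print(f"{ts} {ip} -> {query}")
```

Run it against a real access log by replacing SAMPLE_LOG with the file contents; the double-decoding step is what catches the fourth sample line, which a plain `grep '<script'` would miss.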

What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to apply the vendor-provided fix released in November 2025 for docuForm FSM Server version 11.11c.

Until the patch is applied, restrict access to the vulnerable component to trusted users only and implement input validation or web application firewall (WAF) rules to block malicious payloads targeting acc-menu_billings.php.

Additionally, educate users about the risks of XSS and encourage them to avoid clicking on suspicious links that may exploit this vulnerability.

