Compliance Impact

The reflected cross-site scripting (XSS) vulnerability in the acc-menu_billings.php component of docuForm FSM Server allows attackers to execute arbitrary JavaScript in users' browsers, potentially leading to session hijacking or theft of sensitive information.

Such unauthorized access and exposure of sensitive data can negatively impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and breaches.

Therefore, this vulnerability poses a risk to maintaining compliance with these common standards and regulations by potentially enabling data breaches and compromising user data confidentiality.

Useful 0 Not Useful 0

Executive Summary

CVE-2025-61310 is a stored cross-site scripting (XSS) vulnerability in the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) version 11.11c.

The vulnerability occurs because the application improperly neutralizes user-controllable input, allowing an authenticated attacker to inject arbitrary JavaScript code.

This malicious script is stored by the application and later executed in the browsers of other users, enabling attackers to perform actions such as session hijacking or stealing sensitive information.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can have serious impacts including the execution of arbitrary JavaScript in users' browsers.

• Attackers can hijack user sessions.
• Sensitive information can be stolen from affected users.
• It can lead to unauthorized actions performed on behalf of users.

Useful 0 Not Useful 0

Detection Guidance

Detection of this vulnerability involves identifying attempts to inject malicious JavaScript payloads into the acc-menu_billings.php component of the docuForm FSM Server version 11.11c.

One approach is to monitor HTTP requests to the acc-menu_billings.php page for suspicious input patterns or script tags in query parameters or POST data.

Commands to assist detection could include using tools like curl or wget to send crafted payloads and observe the response, or using web vulnerability scanners that support XSS detection.

• Example curl command to test injection: curl -i -X GET 'http://target/acc-menu_billings.php?param=<script>alert(1)</script>'
• Use grep or log analysis tools to search web server logs for suspicious script tags or unusual input patterns targeting acc-menu_billings.php.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to apply the vendor-provided fix released in November 2025 for docuForm FSM Server version 11.11c.

Until the patch is applied, restrict access to the vulnerable component to trusted users only and implement input validation or web application firewall (WAF) rules to block malicious payloads targeting acc-menu_billings.php.

Additionally, educate users about the risks of XSS and encourage them to avoid clicking on suspicious links that may exploit this vulnerability.

Useful 0 Not Useful 0