CVE-2025-65417
Reflected XSS in docuFORM Managed Print Service Client
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| docuform | managed_print_service_client | up to and including 11.11c |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The reflected cross-site scripting (XSS) vulnerability in docuFORM Managed Print Service Client 11.11c can lead to unauthorized access to sensitive data such as credentials or personal information by attackers. This exposure of personal data could potentially result in non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and breaches.
Successful exploitation of this vulnerability may allow attackers to hijack user sessions or execute unauthorized actions, increasing the risk of data breaches and unauthorized data processing, which are critical compliance concerns under these regulations.
Can you explain this vulnerability to me?
CVE-2025-65417 is a reflected cross-site scripting (XSS) vulnerability affecting docuFORM Managed Print Service Client version 11.11c. It occurs because the application does not properly sanitize user input on its login page, allowing attackers to inject and execute arbitrary JavaScript code in the victim's browser.
How can this vulnerability impact me?
Exploitation of this vulnerability can have serious impacts including session hijacking by stealing cookies, theft of sensitive data such as credentials or personal information, execution of unauthorized actions on behalf of the user, and redirecting users to malicious websites that may distribute malware.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a reflected cross-site scripting (XSS) issue in the login page of the docuFORM Managed Print Service Client 11.11c. Detection typically involves testing the login page for input that is reflected into the response without sanitization.
You can detect this vulnerability by sending crafted HTTP requests with typical XSS payloads to the login page and checking whether the payload is reflected unescaped in the response and executed by the browser.
- Use curl or a similar tool to send test payloads, for example: `curl -X POST -d 'username=<script>alert(1)</script>&password=test' http://target/login`
- Use browser developer tools or intercepting proxies (like Burp Suite) to inspect the response for reflected scripts.
- Automated scanners that test for reflected XSS vulnerabilities can also be used against the login page.
What immediate steps should I take to mitigate this vulnerability?
The vendor released a fix for this vulnerability in November 2025. The immediate step is to update the docuFORM Managed Print Service Client to the fixed version.
Until the update can be applied, consider restricting access to the vulnerable login page to trusted users only or via network controls.
Implement web application firewall (WAF) rules to detect and block typical XSS attack patterns targeting the login page.
Educate users about the risks of clicking suspicious links that might exploit this vulnerability.
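The CWE-79 entry above describes the underlying defect, and the mitigation advice calls for the vendor's fix; the following is an added illustration of what that class of fix looks like, not docuFORM's own code (the product's login page implementation is not on this page). The login template, the `username` field, and the POST body are constructed for the example. It renders the same page once in the vulnerable pattern (untrusted input placed into HTML as-is) and once with the input escaped for its HTML context, and includes a regression check a defender can keep in a test suite so that the reflection cannot silently return.

```python
import html
from urllib.parse import parse_qs

# Constructed login page template (hypothetical, not docuFORM's). The submitted
# username is echoed back in two HTML contexts: an attribute value and a text node.
TEMPLATE = (
    '<form method="post">'
    '<input name="username" value="{username}">'
    '<p class="error">Login failed for {username}</p>'
    '</form>'
)


def render_login_vulnerable(username: str) -> str:
    """CWE-79 pattern: user-controllable input is inserted into the page
    without being neutralized, so markup in the input becomes markup in the page."""
    return TEMPLATE.format(username=username)


def render_login_fixed(username: str) -> str:
    """Same page with the input escaped for the HTML contexts it lands in.
    quote=True also escapes " and ', which matters inside the value="" attribute."""
    return TEMPLATE.format(username=html.escape(username, quote=True))


def handle_login(post_body: str, fixed: bool = True) -> str:
    """Parse a form-encoded POST body such as the curl example on this page
    ('username=...&password=...') and render the login response."""
    fields = parse_qs(post_body, keep_blank_values=True)
    username = fields.get("username", [""])[0]
    renderer = render_login_fixed if fixed else render_login_vulnerable
    return renderer(username)


def reflects_unescaped(response_body: str, probe: str) -> bool:
    """Regression check: True if the probe string appears verbatim in the
    response, i.e. the page reflected it without neutralization."""
    return probe in response_body


# Constructed request body mirroring the shape of the curl command above.
SAMPLE_BODY = "username=<script>alert(1)</script>&password=test"
PROBE = "<script>alert(1)</script>"

if __name__ == "__main__":
    for fixed in (False, True):
        body = handle_login(SAMPLE_BODY, fixed=fixed)
        print(f"fixed={fixed}: reflected unescaped = {reflects_unescaped(body, PROBE)}")
        print(body)
```

The `reflects_unescaped` check is deliberately strict: it fails on the raw probe text, not on a browser actually executing anything, so it can run in ordinary unit tests against rendered output. The escaped version keeps the user's text visible on the page (as `&lt;script&gt;...`), which is the behaviour a correct fix preserves.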