CVE-2025-65417
Received - Intake
Reflected XSS in docuFORM Managed Print Service Client

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: MITRE

Description
docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application.
Meta Information
Published: 2026-05-11
Last Modified: 2026-05-11
Generated: 2026-05-11
AI Q&A: 2026-05-11
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor: docuform
Product: managed_print_service_client
Version / Range: to 11.11c (inc)
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-65417 is a reflected cross-site scripting (XSS) vulnerability affecting the docuFORM Managed Print Service Client version 11.11c. It occurs because the application does not properly sanitize user input on its login page, allowing attackers to inject and execute arbitrary JavaScript code in the victim's browser.


How can this vulnerability impact me?

Exploitation of this vulnerability can have serious impacts including session hijacking by stealing cookies, theft of sensitive data such as credentials or personal information, execution of unauthorized actions on behalf of the user, and redirecting users to malicious websites that may distribute malware.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability is a reflected cross-site scripting (XSS) issue in the login page of the docuFORM Managed Print Service Client 11.11c. Detection typically involves testing the login page for unsanitized input reflection.

You can detect this vulnerability by sending crafted HTTP requests with typical XSS payloads to the login page and observing whether the payload is reflected unescaped in the response, where a browser would execute it.

  • Use curl or similar tools to send test payloads, for example: curl -X POST -d 'username=<script>alert(1)</script>&password=test' http://target/login
  • Use browser developer tools or intercepting proxies (like Burp Suite) to inspect the response for reflected scripts.
  • Automated scanners that test for reflected XSS vulnerabilities can also be used against the login page.
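
The reflection check described above can be done with an inert marker instead of a script payload, which also makes it usable for confirming the fix after patching. The following is an added example, not code from docuFORM or from this page; the token, the `username` field and the sample response bodies are constructed assumptions.

```python
import html
import re

SPECIALS = "<\"'>"            # HTML-significant characters the page must encode
ENTITY = re.compile(r"&#?\w+;")

def make_probe(token):
    """Inert canary: the specials bracketed by a token so each echo can be located."""
    return f"{token}{SPECIALS}{token}"

def survivors(middle):
    """Specials that came back literally rather than entity-encoded or stripped."""
    out, pos = set(), 0
    for ch in SPECIALS:
        if middle.startswith(ch, pos):
            out.add(ch)
            pos += 1
            continue
        m = ENTITY.match(middle, pos)
        if m and html.unescape(m.group()) == ch:
            pos = m.end()          # encoded form of this character: safe
        # otherwise the character was stripped; stay at the same position
    return out

def assess(body, token):
    """None if the probe is not echoed, else the set of specials echoed unencoded."""
    pair = re.compile(re.escape(token) + r"(.{0,40}?)" + re.escape(token), re.S)
    echoes = [m.group(1) for m in pair.finditer(body)]
    if not echoes:
        return None
    return set().union(*(survivors(e) for e in echoes))

# Constructed response bodies (assumed markup, not captured from the product).
TOKEN = "zq7probe"
SAMPLES = {
    "unencoded": f'<input name="username" value="{make_probe(TOKEN)}">',
    "encoded": f'<input name="username" value="{html.escape(make_probe(TOKEN))}">',
    "partial": f"<p>Unknown user {TOKEN}&lt;\"'&gt;{TOKEN}</p>",
    "not_echoed": "<p>Login failed</p>",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, assess(body, TOKEN))
```

An empty set means every echo of the probe was encoded or stripped; any character in the result marks a place where the login page returns input unencoded.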

What immediate steps should I take to mitigate this vulnerability?

The vendor released a fix for this vulnerability in November 2025. The immediate step is to update the docuFORM Managed Print Service Client to the fixed version.

Until the update can be applied, consider restricting access to the vulnerable login page to trusted users only or via network controls.

Implement web application firewall (WAF) rules to detect and block typical XSS attack patterns targeting the login page.

Educate users about the risks of clicking suspicious links that might exploit this vulnerability.

