XSS in Azon Dominator Php Script

CVE-2025-40725

Reflected Cross-Site Scripting (XSS) vulnerability in Azon Dominator. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL using the “q” parameter in /search via GET. This…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (22.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References