XSS in Akcess-net Lepszy Bip

CVE-2025-7761

Lepszy BIP is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in index.php form in one of the parameters allows arbitrary JavaScript to be executed on victim's browser when specially crafted URL is opened. Th…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (33.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-7761?
CVE-2025-7761 is a vulnerability in Akcess-net Lepszy Bip, classified under Cross-site Scripting. Published 2025-08-14.
Is CVE-2025-7761 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.