{"id":"CVE-2025-41101","details":"HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in'/projects/save'.","modified":"2026-03-13T03:09:57.145397Z","published":"2025-11-11T12:15:34.550Z","references":[{"type":"ADVISORY","url":"https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fairsketchs-rise-crm-framework"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-41101.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"3.9"}]}]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}