CVE-2025-2154 – Stored XSS in EchoCCS’s Specto CM

CVE ID : CVE-2025-2154

Published : Dec. 24, 2025, 3:16 p.m. | 1 hour, 5 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Stored XSS.This issue affects Specto CM: before 17032025.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…