CVE-2025-61549 is a Cross-Site Scripting (XSS) vulnerability identified in edu Business Solutions Print Shop Pro WebDesk version 18.34. The issue resides in the LoginID parameter of the /PSP/app/web/reg/reg_display.asp endpoint, where user-supplied input is reflected back in HTTP responses without proper HTML encoding or escaping. This improper input validation allows attackers to inject and execute arbitrary JavaScript code within the victim’s browser session. The vulnerability is classified under CWE-79, which covers improper neutralization of input during web page generation. Exploitation requires no authentication but does require user interaction, such as clicking a crafted link or visiting a malicious page that triggers the payload. The vulnerability impacts confidentiality and integrity by enabling session hijacking, credential theft, or unauthorized actions performed in the context of the victim’s session. Availability is not directly affected. The CVSS v3.1 base score is 6.1, indicating a medium severity level, with attack vector network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), user interaction required (UI:R), scope changed (S:C), and partial impact on confidentiality and integrity (C:L/I:L/A:N). The vulnerability was reserved in late 2025 and published in early 2026. A fixed version, 19.76, has been released by the vendor. No known exploits have been reported in the wild to date. Organizations running the vulnerable version should prioritize patching and implement additional mitigations to reduce risk.

For European organizations, this XSS vulnerability poses risks primarily to confidentiality and integrity of user sessions within the Print Shop Pro WebDesk environment. Attackers could leverage the flaw to steal session cookies, perform actions on behalf of authenticated users, or deliver malicious payloads leading to further compromise. While availability is not directly impacted, the breach of user trust and potential data leakage could have regulatory and reputational consequences, especially under GDPR. Organizations relying on this software for print management or workflow automation may face operational disruptions if attackers exploit the vulnerability to escalate privileges or pivot within the network. The medium severity score reflects the need for timely remediation but indicates that the risk is somewhat mitigated by the requirement for user interaction. However, phishing or social engineering campaigns could increase exploitation likelihood. European entities with exposed web interfaces or insufficient web application firewall (WAF) protections are particularly vulnerable. The impact is heightened in sectors with sensitive data or critical infrastructure relying on this software.

1. Upgrade immediately to edu Business Solutions Print Shop Pro WebDesk version 19.76 or later, where the vulnerability is fixed. 2. Implement strict input validation and output encoding on all user-supplied data, especially the LoginID parameter, to prevent script injection. 3. Deploy Web Application Firewalls (WAFs) with rules designed to detect and block XSS payloads targeting the affected endpoint. 4. Conduct security awareness training to reduce the risk of successful phishing or social engineering attacks that could trigger the vulnerability. 5. Restrict access to the Print Shop Pro WebDesk web interface to trusted networks or VPNs to limit exposure. 6. Monitor web server logs for suspicious requests containing script tags or unusual parameters targeting /PSP/app/web/reg/reg_display.asp. 7. Employ Content Security Policy (CSP) headers to restrict execution of unauthorized scripts in browsers accessing the application. 8. Regularly scan web applications with automated tools to detect XSS and other injection vulnerabilities. 9. Review session management practices to ensure cookies are marked HttpOnly and Secure to reduce session hijacking risks. 10. Coordinate with the vendor for any additional security advisories or patches.