CVE-2025-67627 is a Stored Cross-site Scripting (XSS) vulnerability identified in the TouchOfTech Draft Notify product, affecting all versions up to and including 1.5. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, which allows malicious scripts to be stored on the server and executed in the browsers of users who access the compromised content. Stored XSS is particularly dangerous because the malicious payload persists on the server and can affect multiple users without requiring repeated exploitation. Attackers can leverage this vulnerability to steal session cookies, perform actions on behalf of users, deface web content, or deliver malware. The vulnerability does not require authentication, increasing the attack surface, and no user interaction beyond viewing the infected page is necessary for exploitation. Although no known exploits are currently reported in the wild, the vulnerability's presence in a document collaboration tool like Draft Notify raises concerns about potential attacks on organizations relying on this software for internal communications and document management. The lack of a CVSS score indicates that the vulnerability is newly published and not yet fully assessed, but the technical nature and impact potential suggest a significant risk. The absence of patch links indicates that a fix is either pending or not yet publicly available, emphasizing the need for immediate mitigation steps by affected users.

For European organizations, the impact of CVE-2025-67627 can be substantial, especially for those using Draft Notify in environments where sensitive or confidential information is shared and managed collaboratively. Successful exploitation could lead to unauthorized access to session tokens, enabling attackers to impersonate legitimate users and access restricted data. This compromises confidentiality and integrity of organizational data. Additionally, attackers could inject malicious scripts that alter or deface content, disrupting normal business operations and damaging organizational reputation. The availability of the service could also be affected if attackers use the vulnerability to execute denial-of-service attacks or spread malware. Given the collaborative nature of Draft Notify, the vulnerability could facilitate lateral movement within an organization’s network if exploited in conjunction with other weaknesses. The threat is particularly relevant for sectors such as finance, government, healthcare, and legal services in Europe, where document integrity and confidentiality are critical. The lack of authentication requirement lowers the barrier for attackers, increasing the likelihood of exploitation if unmitigated.

1. Monitor TouchOfTech communications for official patches or updates addressing CVE-2025-67627 and apply them immediately upon release. 2. Until patches are available, implement strict input validation and output encoding on all user-supplied data within Draft Notify, focusing on neutralizing HTML and JavaScript content. 3. Deploy Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and reduce the impact of potential XSS payloads. 4. Conduct regular security audits and code reviews of the Draft Notify deployment to identify and remediate unsafe input handling. 5. Educate users about the risks of clicking on suspicious links or content within the application. 6. Use web application firewalls (WAFs) configured to detect and block common XSS attack patterns targeting Draft Notify. 7. Isolate the Draft Notify environment from critical infrastructure to limit potential lateral movement in case of compromise. 8. Implement robust logging and monitoring to detect anomalous activities that may indicate exploitation attempts.