How the CVE Works
CVE-2025-30342 is a stored Cross-Site Scripting (XSS) vulnerability in OpenSlides (<4.2.5) that allows attackers to inject malicious JavaScript via HTML attribute manipulation. The application fails to properly sanitize user-supplied input in features like Moderator Notes and Agenda Topics. While basic `