CVE-2025-25476 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A stored cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows a malicious user with elevated privileges to execute arbitrary Javascript code by spec…
Medium CVSS: 5.4

CVE-2025-25476

A stored cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows a malicious user with elevated privileges to execute arbitrary Javascript code by specifying a malicious XSS payload as a notification type or notification component.
Vendor
Syspass
Product
Syspass
CWE
CWE-79
Yayın Tarihi
2025-02-28 23:15:11
Güncelleme
2025-07-09 19:30:21
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-79 Syspass MEDIUM Syspass 2025

Referanslar

https://github.com/sysentr0py/CVEs/tree/main/CVE-2025-25476 https://github.com/sysentr0py/CVEs/tree/main/CVE-2025-25476