CVE-2025-51534

High CVSS: 8.1

A cross-site scripting (XSS) vulnerability in Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field.

Vendor

Craws

Product

Openatlas

CWE

CWE-79

Yayın Tarihi

2025-08-04 17:15:30

Güncelleme

2025-09-20 03:16:38

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Openatlas HIGH Craws 2025

Referanslar

https://www.sec4you-pentest.com/schwachstelle/openatlas-stored-nested-xss-delete-button/ https://www.sec4you-pentest.com/schwachstellen/ https://www.sec4you-pentest.com/schwachstelle/openatlas-stored-nested-xss-delete-button/

Benzer Kayıtlar

Medium

CVE-2025-60917

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Insti…

Medium

CVE-2025-60914

Incorrect access control in Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to access sensit…

High

CVE-2025-60915

An issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allo…

Medium

CVE-2025-60916

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Insti…

Medium

CVE-2025-56423

An issue in Austrian Academy of Sciences (AW) Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attac…

Medium

CVE-2025-40707

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultura…