CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting

🗓️ 13 Sep 2025 14:02:06Reported by VulDBType

CVE-2025-10367: MiczFlor RPi-Jukebox-RFID cardEdit.php enables remote cross site scripting on versions up to 2.8.0.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-10367	13 Sep 202516:56	–	circl
CNNVD	RPi-Jukebox-RFID 代码注入漏洞	13 Sep 202500:00	–	cnnvd
CVE	CVE-2025-10367	13 Sep 202514:02	–	cve
EUVD	EUVD-2025-29093	3 Oct 202520:07	–	euvd
NVD	CVE-2025-10367	13 Sep 202514:15	–	nvd
Positive Technologies	PT-2025-37373	13 Sep 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-10367	15 Sep 202514:31	–	redhatcve
Vulnrichment	CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting	13 Sep 202514:02	–	vulnrichment

[
  {
    "vendor": "MiczFlor",
    "product": "RPi-Jukebox-RFID",
    "versions": [
      {
        "version": "2.0",
        "status": "affected"
      },
      {
        "version": "2.1",
        "status": "affected"
      },
      {
        "version": "2.2",
        "status": "affected"
      },
      {
        "version": "2.3",
        "status": "affected"
      },
      {
        "version": "2.4",
        "status": "affected"
      },
      {
        "version": "2.5",
        "status": "affected"
      },
      {
        "version": "2.6",
        "status": "affected"
      },
      {
        "version": "2.7",
        "status": "affected"
      },
      {
        "version": "2.8.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/YZS17/CVE/blob/main/RPi-Jukebox-RFID/xss2.md
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/YZS17/CVE/blob/main/RPi-Jukebox-RFID/xss2.md

13 Sep 2025 14:02Current

CVSS 3.13.5

CVSS 33.5

CVSS 24

CVSS 45.1

EPSS0.00053