AVideo has Stored XSS via Unescaped Menu Item Fields in TopMenu Plugin

Summary The TopMenu plugin renders menu item fields icon classes, URLs, and text labels directly into HTML without applying htmlspecialchars or any other output encoding. Since menu items are rendered on every public page through plugin hooks, a single malicious menu entry results in stored...

CVE-2025-66437

An SSTI Server-Side Template Injection vulnerability exists in the getaddressdisplay method of Frappe ERPNext through 15.89.0. This function renders address templates using frappe.rendertemplate with a context derived from the addressdict parameter, which can be either a dictionary or a string...