4 matches found
CVE-2025-40633
creationtimestamp| type| source ---|---|--- 2025-05-20 10:40:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16964...
CVE-2025-40633 Stored Cross-Site Scripting (XSS) in Koibox
A Stored Cross-Site Scripting XSS vulnerability has been found in Koibox for versions prior to e8cbce2. This vulnerability allows an authenticated attacker to upload an image containing malicious JavaScript code as profile picture in the '/es/dashboard/clientes/ficha/' endpoint...
CVE-2025-40633 Stored Cross-Site Scripting (XSS) in Koibox
A Stored Cross-Site Scripting XSS vulnerability has been found in Koibox for versions prior to e8cbce2. This vulnerability allows an authenticated attacker to upload an image containing malicious JavaScript code as profile picture in the '/es/dashboard/clientes/ficha/' endpoint...
CVE-2025-40633
Koibox CVe-2025-40633 describes a Stored XSS in Koibox for versions before the fix commit e8cbce2. An authenticated attacker can upload an image containing JavaScript as a profile picture via the /es/dashboard/clientes/ficha/ endpoint, enabling script execution in the victim’s browser and potenti...