2 matches found
Home Assistant has stored XSS in history-graphs
Summary The "remaining charge time"-sensor for mobile phones imported/included from Android Auto it appears is vulnerable to the same issue as CVE-2025-62172. This also indicates that any sensor showing their name in the history-graph, is likely to be vulnerable to this issue. Details Another...
CVE-2025-62172
creationtimestamp| type| source ---|---|--- 2025-10-14 13:14:54+00:00| published-proof-of-concept| https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m...