
4 matches found

RedhatCVE
added 2025/08/31 11:27 a.m. | 2 views

CVE-2025-40702

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

CVSS 5.4 | AI score 6 | EPSS 0.00048
Exploits: 0 | References: 1
CVE
added 2025/08/29 11:16 a.m. | 18 views

CVE-2025-40702

OpenAtlas v8.9.0 (ACDH-CH) is affected by a Cross‑Site Scripting (XSS) flaw caused by inadequate validation of user input in a POST to the /insert/file endpoint, specifically via the creator and license_holder parameters. Multiple sources (NVD, Red Hat, CVE lists, and OSV) confirm the vulnerabili...

CVSS 5.4 | AI score 5.5 | EPSS 0.00048
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2025/08/29 11:16 a.m. | 1 views

CVE-2025-40702 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage (ACDH-CH), due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...

CVSS 5.1 | AI score 5.5 | EPSS 0.00048
Exploits: 0 | References: 2
Positive Technologies
added 2025/08/29 12:0 a.m. | 2 views

PT-2025-35203

Name of the Vulnerable Software and Affected Versions: OpenAtlas version 8.9.0
Description: A Cross-Site Scripting (XSS) issue exists in OpenAtlas due to insufficient validation of user input received through POST requests. This could allow a remote user to send crafted queries to an authenticated...

CVSS 5.4 | AI score 5.5 | EPSS 0.00048
Exploits: 0 | References: 7